ASPEN
Advanced Security Processing ENgine
Next Generation SIEM + 24/7 Managed Security
ABSTRACT
With cyber-attacks on the rise, companies are transforming their
approach to security monitoring from reactive towards intelligence-
driven security. We can help you empower your security teams, and
your business, to perform better in the digital world with a next-
generation Security Information and Event Management (SIEM)
platform and Security Operations Center (SOC).
1 OVERVIEW
2 SOLUTION
3 HIGHLIGHTS
4 SERVICES
5 KEY FEATURES
6 WHY ARE WE DIFFERENT
7 REFERENCES
1	Next Generation SIEM Platform
Page 1
1 Overview
With cyber attacks on the rise, companies are transforming their
approaches to security monitoring - from reactive to intelligence-
driven security. This means being able to spot, examine, report and
respond to advanced threats quickly, using real-time security data.
We can help you empower your security teams and your business to
perform better in the digital world with a next-generation Security
Information and Event Management (SIEM) platform and consulting
Security Operations Center (SOC).
We work together with many organizations to optimize and improve
their cyber security using real-time threat intelligence and our
Security Operations Center (SOC) services, provided by
experienced analysts and security practitioners in the area of threat
prevention.
Our team comprises highly qualified experts with over 20 years
of experience in data security, threat and vulnerability assessments,
design implementation and management of security solutions, and
cyber security consulting.
We are focused on innovation, proactive thinking and a future-
ready approach. We help our clients to build the best foundation for
moving from reacting to incidents towards applying analytics to
proactively manage cyber threats.
The Security Operations Center (SOC) is an external center for
monitoring and analysis of our clients’ IT infrastructure and systems.
Our SOC combines the latest tools, next generation SIEM platform
and our security monitoring best-practices to help you maintain a
safe environment. Our SOC makes dedicated security monitoring
expertise available to third parties, in a cost-efficient way. We offer a
variety of services to suit all the needs of enterprises, governments
and public sector organizations.
The Center also hosts training sessions that help clients enhance
their security monitoring and SOC skills and get the most from their
technology investment.
“the future
belongs to those
who can see it”
2 Solution
ASPEN (Advanced Security Processing ENgine) leverages Big Data
technologies to deliver real-time threat intelligence, forensics and
incident response capabilities.
Built by a team of security professionals with 20+ years of
experience in cyber threat prevention, ASPEN is a leading next-gen
SIEM (Security Information and Event Management) solution that
brings features for security data collection, analysis and automated
threat remediation.
ASPEN is the only SIEM solution in the market that integrates digital
traps, enabling security practitioners to collect valuable cyber
intelligence.
ASPEN’s flexible architecture makes it easy to implement and
customize to meet the needs of enterprises and public sector
organizations of any size.
We combine ASPEN with its SOC (Security Operations Center)
services into a solution that addresses the widest spectrum of internal
and external threats organizations face today.
get more from
your SIEM
3 Highlights
“GOOGLE LIKE” SEARCH
High-speed analytics powered by a modern Big Data Lake
platform for processing large volumes of data in real-time.
The ASPEN platform enables security professionals to query data at
lightning-fast speed - over 50 million events/msec.
ADAPTED TO YOUR BUSINESS
The software is highly flexible and can be tailored to the client’s unique
needs. No matter what business logic you have or how complex your
IT systems are, ASPEN lets you create correlation rules that meet
your business strategy, human factors and industry practices.
EMPOWER YOUR SECURITY TEAMS
Real-time event correlation capabilities provided by ASPEN enable
your security teams to proactively manage risk. A 3D view from a
single web console simplifies monitoring. Digital forensics, based on
real-time data, can be quickly transformed into insights that help
shorten containment time.
KNOW YOUR ENEMY
ASPEN is the only SIEM platform that integrates trap deception tools
- digital clones of your IT systems, designed to entice attackers. Besides
reducing false positives, ASPEN’s digital traps also allow your teams to
acquire valuable knowledge about the latest attack vectors, which
gives your company a valuable head start over adversaries.
KEEP YOUR FINGER ON THE PULSE
Unlike other SIEM products, ASPEN embeds business context in
security analytics. It delivers alerts that give you visibility into end users’
activities on desktops, servers and network devices. This helps to
prevent human error and mitigate malicious attacks before any
damage can occur.
• less than 5 ms detection time
• unlimited log storage
• regular reports
• C-Level dashboard
4 Services
System Analysis
Our cyber security team will examine every nook and cranny of your IT
environment in order to understand the architecture of your systems,
pinpoint weaknesses and offer recommendations on how to redesign
the systems.
Vulnerability Assessment and Penetration Testing
Our RED Team of ethical hackers will simulate real-world attacks to test
the vulnerabilities in your IT environment. We will identify security gaps
and flaws in your business-critical systems, as well as their potential
impacts. Afterwards, we will create a report with detailed information
about your weak spots and recommendations for improvement.
System Dimensioning and Planning
Working closely with you, our team will rank critical indicators
according to importance and will implement event correlation rules.
During this stage, we will create an estimated timeframe for ASPEN
implementation.
Implementation and Go-live
The implementation of ASPEN includes a number of different steps,
which will vary based on the number of correlation rules and the client’s
needs.
Monitoring
After go-live, our team of security analysts will provide 24/7 monitoring
of your IT systems. This includes end-to-end monitoring, incident alerts
and reporting based on real-time log data. Depending on your
requirements, we can also help you set up automated responses to
specific security incidents.
User Training and Development
The end-user training is a fundamental step in any SIEM
implementation. The goal is educating users about ASPEN - its threat
intelligence, forensics, digital traps and threat remediation capabilities
- in order to reduce the likelihood and impact of critical events. You can
benefit from various types of education on demand, including cyber
awareness and cyber analytics training.
5 Key Features
Deception is a trick or scheme used to force an attacker to think
he is accessing real assets in order to confuse him and detect his
action. We provide traps at every possible step of an attacker, from
traps deployed at external services to traps deployed in the internal
memory of every workstation or IoT device.
Threat intelligence is evidence-based knowledge, including
context, mechanisms, indicators, implications, and action-oriented
advice about an existing or emerging menace or hazard to assets.
Threat Intelligence is the process of gathering information about
cyber attacks around the world for the purpose of recognising similar
attacks against your customers.
Cyber security monitoring & surveillance provides real-time
visibility into an organization's security posture by constantly
monitoring people, processes, systems and network events and
performing real-time correlation with external and internal data for
the purpose of detecting cyber security incidents.
Auto remediation is an approach to automation that responds
to security events with automations able to fix, or remediate, a detected
cyber attack.
Automated penetration testing is penetration testing
performed by artificial intelligence algorithms, using knowledge
based on attack vectors and exploits collected from our traps.
ASPEN creates digital clones as active traps
ASPEN performs both historical and real time (<5ms) correlation
ASPEN offers visual reconstruction (“forensics on a click”)
ASPEN performs data anonymization and pseudonymization in real time
ASPEN performs real time correlation with Threat Intelligence data
ASPEN integrates with 80+ antiviruses
ASPEN performs automatic noise events elimination
ASPEN offers real time auto remediation
ASPEN can:
• store an unlimited amount of data
• anonymize/pseudonymize private data in real time
• get any log from a day years ago in less than 10 sec
• detect real time connections with threat hosts
• deceive attackers and block them automatically
• detect attacks by event correlation
• learn about your specific IoT/IT device unknown vulnerabilities
• track visually any of your systems/users
• process even 50,000 events per second on a single host
6 Why are we different
BUSINESS MODEL
COMPETITION | ASPEN
Standard Perm licence + security add-on cost: | No data limits, fixed price for one organisation, based on features list
No SLA, no guarantees | Guaranteed for agreed service up to 80% TCV
Additional data sources (e.g. IoT, Threat Intelligence) are paid additionally | No additional cost per data source types
No integrated data anonymization / pseudonymization | Integrated data anonymization / pseudonymization
No Threat Intelligence data integration & correlation | Integrated Open Source Threat intelligence (~1,000,000 threat indicators per day)
No traps (deception) integrated | Integrated deception (traps)
No multi antivirus check | Integrated multi antivirus check (80+AV)
TECHNICAL PERFORMANCE (HARDWARE NEEDS)
TEST: 50,000 EPS for a Telecom provider, doing anonymization & real time correlation
COMPETITION
Indexer cluster:
• 96 nodes x 56CPU cores = 5376 CPU
• 96 nodes x 512MB = 48GB RAM
Search cluster:
• 8 nodes x 80CPU = 640 CPU
• 8 nodes x 1024GB = 8192GB RAM
Data volume per day = 6TB
Total: 6016CPU + 8240GB RAM
ASPEN
ASPEN real time correlation cluster:
• 2 nodes x 17CPU cores = 38 CPUs
• 2 nodes x 20GB RAM = 40GB
Big data cluster:
• 10 CPU cores + 80GB RAM
Data volume per day = 5-7TB
Total: 48CPU + 120GB RAM
7 References
• Athens (Greece) for Olympic Games
• Torino (Italy) for Olympic Games and Telecom Operator
• Beijing (China) for largest ever Olympics
• Singapore (Singapore) for Youth Olympic Games
• Kuala Lumpur (Malaysia) for regional Atos SOC services
• Bydgoszcz (Poland) for Global Siemens Security Operations
• Astana (Kazakhstan) for TSC Corporation (banking, insurance)
• Belgrade (Serbia) for Government of Serbia
• Bangkok (Thailand) for commercial SOC services
Proud of our
team and
solution
