LOG CORRELATION ENGINE

Correlation, Alerts and Automated Response

Event correlation in a few clicks!

The LM module natively supports Syslog. It was also designed to collect

The LCE module, using the information collected from the other platform modules, allows you to mitigate the danger of IT threats. The correlation engine is able to aggregate events coming from various data sources and apply predefined rules to construct individual scenarios. The rules trigger an automatic action against a potential attack or create an alert that reduces response times when an incident occurs.

Powerful Correlation Engine

The SGBox correlation engine allows you to interconnect a series of event chains coming from single or multiple sources, analyzing the collected values such as timestamp, IP address, user names, etc.

Predefined Rules Set

It is possible to choose correlation rules from many predefined templates, constantly updated and guaranteed by the experience of our Security Engineers.

SOAR Integration

SGBox can interoperate with SOAR solutions (Security Operation Automation Response) to feed those platforms with meaningful information.

Automated Response

SGBox can trigger an automated response in case of threats by launching scripts or interacting with security components via API or apps to mitigate threats.

1000 Projects
95% of Renewals
20 Developers
50 Partners