Client cases | They trust us

Prelude has been active in the cyber security market for 20 years. Thanks to its open-source version, Prelude SIEM enjoys an international reputation that has been strengthened through our network of partners. Its compliance with standards, high modularity, performance and intelligent data processing make it a unique tool deployed in multiple sectors, from SMEs to large administrations.

Ministry of Economy and Finance

"The implementation of the SOC is a significant step forward in the management of cybersecurity for General Staff services and should enable us to take an important step forward in bringing our information system under control"

Central Services Informatics Branch

Context:

  • Establishment of a SOC within the General Secretariat of the Ministry of Finance

Scope and volume:

  • 2000 users, 4000 pieces of equipment, 10,000 EPS
  • Turnkey project: Plan, Deploy, Training
  • Fully redundant architecture (2 sites)
  • Assistance in defining a monitoring strategy

Choice factors:

  • Respect of IDMEF and IODEF standards
  • Assistance in the deployment of the solution
  • Redundancy capacity of the solution
  • Functional richness of the solution

AlfaStrakhovanie Insurance, Moscow

"We have been using Prelude for 5 years and it has become an essential tool for security event management, incident investigation and response. Thanks to its modularity, Prelude easily manages the expansion and evolution of our infrastructure, without compromising its ability to collect and correlate critical security events. For us, it is also very important to be able to ensure compatibility with the different types of systems that are being monitored.

Prelude successfully manages all our data sources and gives us the ability to add new ones at a lower cost. It provides the ability to use the centralized approach to managing our security solutions and to ensure a high level of security for our information system."

CISO - AlfaStrakhovanie Insurance

Context:

  • AlfaStrakhovanie is a large insurance company with a large geographically distributed infrastructure whose network extends over 1000 km from Kaliningrad to Kamchatka.

Scope:

  • 6,000 hosts, 24,000 EPS
  • 400 branches, 6000 employees
  • 2 data centers
  • 1 data processing centre

Scope of monitoring:

  • Antivirus software on all employees' computers (+ 6000)
  • OSSEC (Microsoft Active Directory and Windows event logs)
  • Event log collection (*nix, BSD, AIX)
  • The messaging system
  • DLP system for removable media (on all employee computers)
  • Antivirus software for Web gateways
  • IPS (initially Snort; today, a proprietary solution)
  • Monitoring of network devices
  • VoIP servers

Choice factors:

  • Ability to adapt the solution
  • Powerful real-time processing, notification and operating interfaces
  • Prelude compatibility with OSSEC open-source probes

World leader in digital security and smart cards

Scope and volume:

  • One data center, 1000 devices, 4,000 EPS
  • N-Tier Architecture
  • Redundant platform
  • Use of Auditd probes on endpoints

Choice factors:

  • Prelude IDMEF native compatibility with OSS Auditd and OSSEC probes
  • PCI Reporting and Visa Compliance
  • Platform interconnection capacity via the Prelude bus
  • Quality of support during infrastructure migration

Ministry of the Armed Forces

Prelude has been selected by the Ministry of Defence for deployment on a highly secure and confidential system. As part of this project, the client also selected Vigilo's offer from the Unity pack.

Context:

  • Implementation of a convergent NOC / SOC solution on a set of Ministry of Defense sites

The objectives of the project:

  • Turnkey project: Plan, Deploy, Training and Serenity
  • Control and rationalize operating costs through NOC-SOC convergence
  • Increase the operational efficiency of systems
  • Be supported by a cybersecurity expert during changes in the scope of consolidation
  • Rely on a trusted French partner in the field of cybersecurity

Prelude's differentiators:

  • Control and sovereignty of the software production chain
  • Functional richness
  • Man-Machine Interface available in French
  • Modularity and deployability in decentralized mode
  • Capacity to transfer skills to departmental teams
  • NOC-SOC convergence with the Unity offer

Project volumetrics:

  • Target volume: 2500 pieces of equipment, 10,000 EPS
  • A highly sensitive and secure environment
  • Decentralized architecture

The robustness and sovereign mastery of the solution were important factors in the customer's choice.

Future Investment Plan

"On the advice of ANSSI and the Ministry of Defence, the administration has selected CS and its SIEM Prelude as part of the Future Investment Programmes. At the heart of the digital security sector, the objective of the Prelude NG project is to modernize the Prelude SIEM to make it the French SIEM of the market. The project lasted 3 years and had a budget of several million euros."

Context:

  • Assistance in the development of a sovereign SIEM solution for OIVs (Operators of Vital Importance)

The main work areas of the project:

  • Optimization of event processing performance and Big Data capacity
  • Implementation of new defensive and metric correlation techniques
  • Expansion of the sensor range and event processing
  • Development of functional evaluation techniques for SIEMs
  • Strengthening of the CIA axes (confidentiality, integrity and availability)
  • Regulatory compliance assistance
  • New generation graphical analysis technique
  • Improvement of the ergonomics and operating functionalities of the solution

Ministry of Ecological and Solidarity Transition

Context:

  • French Administration
  • Protection of branches of the Ministry of Ecological and Solidarity Transition on about forty sites

Scope and volume:

  • 300 pieces of equipment across 40 sites
  • Decentralized architecture
  • Transport guaranteed by local buffering
  • Professional Services: Plan, Deploy, Training

Choice factors:

  • Decentralization capacity
  • Transfer security
  • Deployment support and training