Partners | Technology

Because it uses the standard IDMEF format (RFC 4765) and LibPrelude, Prelude is natively compatible with all the major open source anti-intrusion sensors. These probes can therefore be registered with the Prelude manager and submit their notifications to it directly.

 

The Benefits 

  • Reduced volumes of logs to be transmitted over the network (only the alerts are sent)
  • Best possible response time for the SIEM solution
  • Opportunity to improve network security by relying on open-source components
  • Compliance with the IDMEF standard format and its richness across the different components of your network

Installation and configuration of these probes on your system is available through the Prelude Deploy service.

6cure is an innovative company, specialising in information system security. Our experts are known throughout the world for their R&D work in the area of intrusion detection and cyber-attack response systems. 6cure offers solutions for active defence against attacks on information systems and networks to guarantee availability and quality of service for our customers. Our solutions deal with the issues of internet stakeholders, whether for their own needs or to offer a value-added service to their customers.

Level : Expert

Darktrace is the global leader in "Enterprise Immune System" technology, an innovative approach to cybersecurity. Using new self-learning technologies based on the biological principles of the human immune system, Darktrace takes up the challenge of detecting advanced threats that have not been mapped in advance, regardless of their origin.

Level : Basic

DenyAll gives you the power and flexibility you’ve been looking for to secure your cloud applications and web services. So you can focus on delivering a safe digital experience.

Level : Basic

Ilex International is a European software vendor which specialises in Identity & Access Management solutions (IAM).
Founded in 1989, the company is based in France and provides solutions and services in Europe and Africa through its Moroccan office. Our R&D and integration teams are composed of high level IT engineers who are passionate about IT Security. We have been providing, over the past 25 years, state of the art solutions, support and integration services to a large international customer base.

Level : Basic

With 10 years of leadership, Olfeo is the software vendor of the leading European proxy and content filtering solution, initially developed for French businesses and government agencies. Olfeo offers an Internet security solution which allows organizations to manage, monitor and secure internal and external Internet use. We now have more than 2000 customers and over 3 million users. Every day, 60 team members help Olfeo grow and we are constantly looking for new talent to enrich our team.

Level : Basic

Sentryo ICS CyberVision delivers an operational security capacity to prevent, detect and respond to cyber attacks targeting the Industrial Internet. It enables collaboration between Operational Technology and IT staffs over a simple and intuitive tool designed for non-cybersecurity experts.

Level : Basic

We are on a mission to offer ready to use highly scalable, robust, secure, flexible and easy to manage network security management appliances integrating the powerful multi threading Suricata IDPS engine. With most of the company founders being members of the core team for the Suricata IDPS engine, we are persuaded that we can provide you the best of this technology in terms of performance and versatility.

Level : Expert

Stormshield Network Security solutions are built upon the concept of Multi-layer Collaborative Security. This holistic model, based on the active collaboration between the security engines on our various solutions marks the future of information system defense in depth. As trusted vendors, Stormshield deploys technologies that have been certified at the highest level in Europe (EU RESTRICTED, NATO RESTRICTED, and ANSSI EAL4+). The awarded certifications and qualifications guarantee an adapted level of protection for the strategic data of even the most sensitive corporations and organizations.

Level : Basic

Teclib’ is an open source software editor that offers a vast range of fully integrated open source technology packages, to better respond to business needs. Our open and collaborative ecosystem connects partners, customers and contributors (IT experts), to build secure, flexible and innovative solutions all together. Through our Partnership Programs, we have been able to extend our knowledge and expertise to a great variety of international industries and organizations, such as Government, IT and Telecommunication, and Private companies.

Level : Expert

WALLIX is a cybersecurity software company which helps many customers to protect and secure their critical IT assets including data, servers, terminals and connected devices. WALLIX was founded in 2003 with a simple vision to create the most effective and complete solution to the challenges of managing privileged user access. The result of that vision is Wallix AdminBastion (WAB) Suite, a powerful combination of password, access and session management with detailed monitoring and auditing for privileged users’ activity.

Level : Basic

Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats.

Level : Basic

Suricata is a free and open source, mature, fast and robust network threat detection engine. The Suricata engine is capable of real time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline pcap processing. Suricata inspects the network traffic using a powerful and extensive rules and signature language, and has powerful Lua scripting support for detection of complex threats.

Level : Expert

OSSEC is a free, open-source host-based intrusion detection system (HIDS). It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting, and active response.

Level : Expert

The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. Samhain has been designed to monitor multiple hosts with potentially different operating systems, providing centralized logging and maintenance, although it can also be used as a standalone application on a single host.

Level : Expert

Orchids is a real-time event analysis and temporal correlation tool for intrusion detection and reaction.

Level : Expert

SpamAssassin is the #1 Open Source anti-spam platform giving system administrators a filter to classify email and block spam (unsolicited bulk email). It uses a robust scoring framework and plug-ins to integrate a wide range of advanced heuristic and statistical analysis tests on email headers and body text including text analysis, Bayesian filtering, DNS blocklists, and collaborative filtering databases.

Level : Expert

Clam AntiVirus (ClamAV) is a free, cross-platform and open-source antivirus software toolkit able to detect many types of malicious software, including viruses. One of its main uses is on mail servers as a server-side email virus scanner.

Level : Expert

SANCP is a network security tool designed to collect statistical information regarding network traffic, as well as record the traffic itself to file in pcap format for the purpose of auditing, historical analysis, and network activity discovery. Rules can be used to distinguish normal traffic from abnormal traffic and support tagging connections with rule id, node id, and status id. From an intrusion detection standpoint, every connection is an event that must be validated through some means. SANCP uses rules to identify, record, and tag traffic of interest. Connection 'stats' can be loaded into a database for further analysis.

Level : Basic

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator. It runs on most available operating systems, including Windows, and is licensed under the GNU GPL.

Level : Expert

The auditd system is an access monitoring and accounting system for Linux developed and maintained by Red Hat. It was designed to integrate pretty tightly with the kernel and watch for interesting system calls. Additionally, likely because of this level of integration and detailed logging, it is used as the logger for SELinux.

Level : Expert

SNORT is a free and open source network intrusion prevention system (NIPS) and network intrusion detection system (NIDS) created by Martin Roesch in 1998. Snort is now developed by Sourcefire, of which Roesch is the founder and CTO, and which has been owned by Cisco since 2013.

Level : Expert

Linux Pluggable Authentication Modules (PAM) provide dynamic authentication support for applications and services in a Linux or GNU/kFreeBSD system. Linux PAM is evolved from the Unix Pluggable Authentication Modules architecture.

Level : Basic

Kismet is an open source network detector, sniffer, and intrusion detection system for 802.11 Wi-Fi networks.

Level : Expert

Nepenthes is a low interaction honeypot like honeyd or mwcollect. Low interaction honeypots emulate _known_ vulnerabilities to collect information about potential attacks. Nepenthes is designed to emulate vulnerabilities worms use to spread, and to capture these worms. As there are many possible ways for worms to spread, Nepenthes is modular.

Level : Basic

ModSecurity is a toolkit for real-time web application monitoring, logging, and access control. I like to think about it as an enabler: there are no hard rules telling you what to do; instead, it is up to you to choose your own path through the available features.

Level : Basic

CrawlProtect is the script that protects your website. It blocks connection attempts to your website that it identifies as code injection, SQL injection, "bad bot" visits, offline browsers, or shell command execution attempts.

Level : Expert