Prelude SIEM| Identify threats in real time
From the beginning, Prelude has been designed with high security requirements. All flows between modules are secured by SSL. The bus carrying the alerts, is designed to never lose messages. Failover mechanisms enables the design of redundant architectures. Log collection can also be designed through SSL as the connection to operating interfaces.
Smart Data | Real-time analysis
The essence of Prelude is to identify as soon as possible the preludes of an attack or intrusion. To do so, Prelude collects, selects, normalizes, correlates and aggregates all the traces of your system in order to identify in real time threats on your network. Its rich format enables Prelude of advanced correlation on any type of pre-defined or created scenarios for your specific needs.
Big Data | Archiving in deferred Time
Your data is rich in information if you know how to handle it. In addition to the real time identification of threats, Prelude stores in a NoSQL database all traces that are uploaded. Then, those data are analysed using a powerful «Google Like» search language via an intuitive interface. It helps you to understand an attack and also to identify potential weak signals or collateral damages.
Compliance with IDMEF and IODEF standard formats
Collaboration and interoperability are essential in the field of cybersecurity. Some actors are forced by French regulations or European guidelines, to report their incidents to the authorities. To meet this requirement, Prelude implements the cybersecurity open standard formats. IDMEF (RFC 4765) for alert formats and IODEF (RFC 5070) for incident formalizations.
Prelude relies on the latest web 3.0 technologies to provide to the operator an intuitive experience. The interface's usability has been improved to make easey-to-access some product features. A particular attention has been paid to ease the every day operator’s tasks. Many features are available on beginner or on expert mode, to simplify the tool's handling.
Written in C language, the heart of Prelude inherits the excellence and robustness from mature open-source projects. All the modules are parallelizable around the Prelude application bus. Therefore, by implementing the adapted architecture and distributing the power on several modules, there is theoretically no limit to the EPS volumes that Prelude is able to handle in real time.
Take adavntage from millions of information sources to protect your system. The Internet community federates many threats databases that help intelligence sharing between the different cybersecurity actors. To enhance its detection effectiveness, Prelude is connected to those communities and incorporates the produced information in its product.
Based on open-source
Prelude SIEM is based on the open-source project Prelude OSS. Available in the majority of the Linux distributions, studied in the schools and universities around the world, Prelude OSS is the reference in the open-source community for over 10 years. The heart of the Prelude solution, widely tested by the community, is common to both versions, which ensures the robustness.
Compatible with the open-source probes
For optimal performances, in addition to the log analysis, a SIEM must be based on the information collected by the anti-intrusion probes. For this, most SIEMs requires the acquisition of third-party proprietary probes, often expensive. Prelude works with those probes. In addition of its third-party proprietary probes compatibility, Prelude offers, though the IDMEF standard format, a native compatibility with the main market open-source probes. Therefore, you strengthen your network's security at a lower cost by taking advantage of the power of these recognized probes.
Multi -Archive compatibility
To satisfy our customers whom already have a log management tool, Prelude is now compatible with the main market solutions. It provides the correlation portion and real-time detection for threats identification and management. Specific plugins enables it to integrate the existing elements and combining the capabilities of both tools. If your log management solution is not present in our list, please do not hesitate to contact us, so we can study the feasibility.
Prelude is the most modular SIEM on the market. Too many SIEM solutions are offered in a completely monolithic form, making their deployment complex in a decentralized environment. Each Prelude function is available as components so that it is possible to deploy individually. Prelude fits to all companies, from the small or medium sized one to the multinationals.
Prelude is designed as modular applications. This enables precise configuration of the available features in the interfaces. Developing complementary business modules that satisfy your specific needs becomes simple with this framework.
Essentially visual, forensic analysis has never been so intuitive with Prelude. With the mass of information available today, data "classic" visualization is no longer sufficient for the identification of sophisticated threats. These new advanced graphic representations enables to highlight abnormal behaviors, potential sources of advanced attacks (APT).
Multi entities environment
Prelude is designed to operate in a multiple environment. User rights and profiles management enables to differentiate precisely operators’ types and functions they are allowed to access. In addition, it is possible to partition the data access, based on several criteria to create "virtual views" for each user.
Reports and customizable dashboards
Prelude offers many types of reports that offers a simple and educational vision of cybersecurity to the company's management staff. Indeed, business leaders often ignore the dangers hanging over their information systems. By its distributable and exportable reports by mail, it is possible to periodically inform the leaders of the company's risk level.
Integrated Incidents Management
Prelude provides in its interfaces, all the necessary tools to simplify the operators’ tasks. There is no effective security supervision without incidents management processes. With Prelude, the operator is guided by an inline help to diagnostic, by an incident and workflow management tool and by a knowledge base that can be completed.
Prelude alerts you in real time of the threats on your information system. It also helps you to meet your compliance requirements. For this, Prelude offers reports and tables of compliance covering the two most popular standards requirements: The PCI DSS and ISO 27 001. With those editable and printable reports, Prelude assists you in the verification of your compliance with these regulations.