Prelude SIEM| Identify threats in real time
From the beginning, Prelude has been designed with high security requirements. All flows between modules are secured by SSL. The bus carrying the alerts is designed to never lose messages. Failover mechanisms support the design of redundant architectures. Log collection can also be carried through as SSL connection to operating interfaces.
Smart Data | Real-time analysis
The essence of Prelude is to identify as soon as possible the preludes of an attack or intrusion. To do so, Prelude collects, selects, normalizes, correlates and aggregates all the traces of your system to identify in real time threats to your network. With its rich format, Prelude is capable of advanced correlation on any type of pre-defined or created scenarios for your specific needs.
Big Data | Archiving in deferred Time
Your data is rich in information if you know how to exploit it. In addition to the real time identification of threats, Prelude stores in a NoSQL database all traces that are uploaded. Then these data are analysed using a powerful search language «Google Like» via an intuitive interface. This helps to understand an attack but also to identify potential weak signals or collateral damages.
Compliance with IDMEF and IODEF standards
Collaboration and Interoperability are essential in the field of cybersecurity. Some actors are forced by French regulations or by European guidelines, to report their incidents to the authorities. To meet this requirement, Prelude implements the open standards of the cybersecurity, IDMEF (RFC 4765) for the alerts format and IODEF (RFC 5070) for the incidents formalization.
Prelude today relies on the latest web 3.0 technologies to provide the operator an intuitive experience. The interface ergonomics have been improved to access simply certain product features. Particular attention has been paid to ease every day operator’s tasks. Many features are available in beginner and expert mode to ease the tool handling.
Written in C language, the heart of Prelude inherits excellence and robustness from the mature open-source projects. All modules are parallelizable around the Prelude application bus. By implementing the adapted architecture and by distributing the power on several modules, there is theoretically no limit to the volumes of EPS for Prelude to handle in real time.
Benefit from the experience of millions of information sources to protect your system. The Internet community federates many threats databases that help intelligence sharing between the different cybersecurity actors. To enhance its detection effectiveness, Prelude is connected to these communities and incorporates the produced information in its product.
Based on open-source
Prelude SIEM is based on the open-source project Prelude OSS. Available in the majority of the Linux distributions, studied in the schools and universities around the world, Prelude OSS is a reference in the open-source community for over 10 years. The heart of the Prelude solution, widely tested by the community, is common to both versions, which ensures the robustness.
Compatible with the open-source probes
For optimal performances, in addition to the log analysis, a SIEM must rely on the information collected by the anti-intrusion probes. For this, most SIEMs require the acquisition of third-party proprietary probes, often expensive. Prelude works with these probes. In addition of its third-party proprietary probes compatibility, Prelude offers, notably thanks to the IDMEF format, a native compatibility with the main market open source probes. You strengthen your network security at a lower cost by taking advantage of the power of these recognized probes.
Multi -Archive compatibility
To satisfy our customers who already have a log management tool, Prelude is now compatible with the main market solutions. It provides the correlation portion and real-time detection for threats identification and management. Specific plugins allow to integrate the existing and combining the capabilities of both tools. If your log management solution is not present in our list, please do not hesitate to contact us, so that we study the feasibility.
Prelude is the most modular SIEM on the market. Too many SIEM solutions are offered in a completely monolithic form, making their deployment complex in a decentralized environment. Each Prelude function is available as components that can simply be deployed individually. Prelude fits to all companies, from small and medium size companies to multinationals.
Essentially visual, forensic analysis has never been so intuitive with Prelude. With the mass of information available today, "classic" visualization of the data is no longer sufficient for the identification of sophisticated threats. These new advanced graphic representations enable to highlight abnormal behaviors, potential sources of advanced attacks (APT).
Prelude is designed as modular applications. This enables precise configuration of the available features in the interfaces. Developing complementary business modules that satisfy your specific needs becomes simple with this framework.
Multi entities environment
Prelude is designed to operate in a multiple environment. Rights and profiles management enables to differentiate precisely operators’ types and functions they can access. In addition, it is possible to partition the data access, based on several criteria to create "virtual views" for each user.
Reports and customizable dashboards
Prelude offers many types of reports offering a simple and educational vision of cyber security to the company's management. Indeed, business leaders too often ignore the dangers hanging over their information systems. With its distributable and exportable reports by mail, it is possible to periodically inform the leaders of the company's risk level.
Integrated Incidents Management
Prelude provides in its interfaces, all the necessary tools to ease operators’ tasks. There is no effective security supervision without incidents management process. With Prelude, the operator is guided by inline help to diagnostic, by an incident and workflow management tool and by a knowledge base that can be completed.
Prelude alerts you in real time of the threats on your information system. It also helps you meet your compliance requirements. For this, Prelude offers reports and tables of compliance covering the two most popular standards requirements: The PCI DSS and ISO 27 001. With these editable and printable reports, Prelude assists you in the verification of your compliance with these regulations.