Internet use has become widespread in all organizations. In 2019, the number of Internet users was estimated at more than 4 billion, the number of websites at 1 billion, and the associated total turnover of BtoC transactions at 2,300 billion dollars. This growing mass of money does not leave cybercrime actors indifferent, and they continue to organize and improve.

In response to this professionalization, both in the techniques and in the methods of attack, it has become essential to strengthen the protection of information and to be able to monitor it and protect it from increasingly sophisticated cyber-threats.

In parallel with the emergence of ever more sophisticated tools to attack businesses and governments, their attack surface has expanded considerably, due to the increased amount of data across our IT infrastructures. The ability to monitor all of that data is a real challenge for cybersecurity. At the same time, the effectiveness of many protections such as firewalls, anti-virus, anti-spam and other detection probes is limited if it is not accompanied by the introduction of an overall management tool.

Prelude SIEM complements the security of information systems by offering a platform for centralized management of the cyber security of your business.

Prelude SIEM: From Big Data to SmartData


Prelude is a SIEM (Security Information and Event Management) whose primary function is to analyze in real time large volumes of raw data (RAW BIG DATA) from all enterprise devices and applications in order to extract the essential (SMART DATA). To refine this analysis, Prelude SIEM can rely on other available information, such as inventory, patch management and vulnerability information, or external cyber threat information such as CTI (Cyber Threat Intelligence).

The objective of Prelude SIEM is to alert the operator and also to provide all the information (intelligent and contextualized data) needed to react quickly to the danger. To meet this objective, Prelude SIEM relies on the IDMEF standard (RFC 4765).

IDMEF: the international standard for intrusion detection

Prelude SIEM has a distinctive feature within the SIEM community: it implements the IDMEF format (RFC 4765). This format is defined at the IETF (Internet Engineering Task Force), the standards organization responsible for Internet protocols (HTTP, SMTP, LDAP, NTP, etc.).

This standardized format makes it possible to homogenize the way a security alert is presented and also to enrich it with the context the operator needs to make decisions quickly and efficiently. It is the most complete and structured alert format on the market. Because the IDMEF format is very common in the open-source information systems community, Prelude SIEM is natively compatible with the major community security reference tools, helping you take advantage of their power at a reasonable cost.

Prelude SIEM: Renowned French alternative

The SIEM market is dominated today by major US publishers.

Among the few available alternatives, Prelude SIEM is distinguished by its SIEM architecture as it was defined by Gartner in 2005, combining a trace management and indexing module (SIM) with a real-time detection/correlation module (SEM). This architecture optimizes both the detection capabilities and the investigative capabilities.

