SOC MODULES
Boost your security
Introduction
Prelude SIEM SOC offers all features necessary to implement the monitoring and control of your security. For more specific needs, we offer optional modules that meet various specific needs:
- SIC: Cyber Threat Intelligence Subscription
- MAP: synoptic representation of network and threats module
- VULN: vulnerability management module
- ASSET : full fleet management module (ITIL inventory, tickets, contracts, etc…)
CTI : Cyber Threat Intelligence
CTI (Cyber Threat Intelligence) allows you to take advantage of cyber threat information (lists of dangerous IP addresses, spam servers, “trapped” websites, etc.) collected by other users and security teams. A CTI module based on open-source data is included in Prelude SIEM. The optional Prelude CTI module is based on a European partner offer to reinforce CTI capabilities of the solution. This database offers information covering botnets, malware, hacktivist groups, tor IPs, the attack servers, spam servers, etc.
MAP: Mapping
Map is a synoptic visualization module of the security status of your network. Unlike simplistic maps based on GeoIP coordinates that can represent your internal network, Map works on maps that you can adapt to your needs. A security indicator is associated with each of your equipment. You can view availability, level of vulnerability, value and compliance. So Map allows you identify the state of threat on each portion of the network at a glance. Map is an indispensable module for a Security Operations Center (SOC). It offers a comprehensive view of network status and allows the manager to have a synthetic monitoring.
Vuln : vulnerability scanner
Prelude SIEM provides an interface with OpenVAS which allows you to control OpenVAS remotely (programming and launch scans) and inquire it to use the vulnerabilities data within the correlation. If you have this set-up, you simply indicate its configuration in Prelude SIEM. If you do not have OpenVAS, we propose to install and configure it for you. If you have another scanner model, we can study the development of a connection with Prelude SIEM.
Asset : management and ticket inventory
Prelude SIEM offers many interfaces with GLPI asset management tool supporting ITIL v2. If you have installed GLPI you can configure Prelude SIEM to connect to it for incident management and inventory of the park. If you do not have your GLPI instance, we can install and configure it for you. If you have another inventory management solution and / or ticket, we can study its interconnection with Prelude SIEM.
