SOC Modules | Improve your security

Prelude SIEM offers all the necessary features to set up the monitoring and control of your security. For more specific environments we propose optional modules that meet different specific needs:

  • MAP: Synoptic network and threat representation module
  • Asset: Complete ITIL management module (inventory, tickets, contracts, etc.)
  • Vuln: Vulnerability Management Module
  • CTI: Cyber Threat Intelligence Module;
  • Safe: Innovative Endpoint protection

Prelude MAP: Mapping

Map is a "synoptic" visualization module of the security status of your network. Unlike simplistic maps based on GeoIP coordinates that cannot represent your internal network, Map works on maps that you can adapt to your needs. A safety indicator is associated with each of your equipment. You can view its availability, vulnerability level, value and compliance. Thus, Map allows you to identify the threat status on each portion of the network with a simple glance. Map is an essential module for an Operational Security Centre (SOC). It provides an overview of the state of the network and allows the centre manager to have a synthetic follow-up.

SOC SIEM Asset module: ticket management and inventory

Asset module: ticket and equipment management

Asset is an interface with the GLPI asset management tool compatible ITILv2. If you have a GLPI installation (Version > 9.1.2) you can configure Prelude SIEM to connect to it for incident management and asset inventory. If you do not have your GLPI instance we can install and configure it for you. If you have another inventory and/or ticket management solution we can study its interconnection with Prelude SIEM.
SOC SIEM Vuln module: vulnerability scanner

Vuln module: vulnerability scanner

Vuln is an interface with OpenVAS that allows you to remotely control your OpenVAS (programming and launching scans) and query it to use vulnerability data within the correlation. If you have an OpenVAS installation, simply indicate its configuration in Prelude. If you do not have an OpenVAS we can install and configure it for you. If you have another scanner model we can study the development of a connection with Prelude SIEM.

SOC SIEM CTI Module: Cyber Threat Intelligence

Prelude CTI : Cyber Threat Intelligence

CTI (Cyber Threat Intelligence) allows you to take advantage of information on cyber threats (lists of dangerous IP addresses, spam servers, "trapped" websites, etc.) collected by other users and security teams. A CTI module based on open-source data is included in Prelude SIEM. The optional module Prelude CTI is based on a European partner offer to strengthen the CTI capabilities of the solution. This database provides you with information covering botnets, malware, hacktivist groups, IP tor, attack servers, spam servers, etc.
Safe Module: Innovative protection of client workstations

Safe Module: Innovative protection of client workstations

SAFE Cyber Defense is an innovative solution for protecting client workstations. Its agent installed on the machines makes it possible to detect and block any threat, whatever its type or origin, by performing real-time monitoring of system and network activity. In the event of a security alert, suspicious behavior, or simply for the purpose of performing a malware analysis, SAFE Cyber Defense integrates all the necessary tools to understand the path of an attack or program. Thanks to these tools and the collection of information by agents, it is easy to find the source of a file, process or network access.