Why choose Prelude SIEM?
10 GOOD REASONS
The power of in-depth detection
New detection techniques have emerged recently. Whether they come from artificial intelligence or from intelligence services, these techniques, like the more traditional ones, have advantages and disadvantages. Each method is more or less effective depending on the type of attack. These techniques should not be set against one another but combined. This is what Prelude SIEM offers through its multiple correlation engines. By combining these techniques for in-depth detection, you increase your detection capabilities.
A decidedly operations-oriented application
The Prelude SIEM team combines expertise in detection and operations. Around the IDMEF format, everything possible is done to automate processing and present operators with contextualized information. Prelude SIEM interfaces are designed to ease all routine operating tasks: notification, investigation, escalation, resolution, reporting. Ultimately, the aim is to minimize the operating cost of the solution.
The product's completeness
Prelude SIEM is a complete product. It offers all the features one would expect from a modern SIEM today. The Archive module provides full log management, and the Alert module provides real-time attack detection. In addition to these two modules, the Analysis module provides many graphical investigation and reporting tools. You can also enrich the SIEM with SOC options: vulnerability mapping, CTI, etc.
Compatibility with the IDMEF standard
By opting for a standards-based product, you ensure that your system provides:
- Better detection efficiency and contextualization.
- A lasting investment in both implementation and operation.
- Native compatibility with numerous sensors and open-source tools.
The IDMEF format is now promoted by an international consortium initiated by the ANSSI (the French national cybersecurity agency) (www.idmef.net).
Simple and competitive rates
The pricing of Prelude SIEM depends on the number of event sources on your network. This allows you to fully control the cost of your deployment. There are no surprises if, under sudden attack, your EPS rate begins to skyrocket. At such a time, you have better things to do than contact your vendor to negotiate a license extension!
Application security
Prelude SIEM inherits the excellence of open source in terms of security. The availability of the source code at the heart of the product has always forced the Prelude team to uphold a very high level of quality and security. Few if any commercial tools are subject to review by so many people. The fifth release of Prelude complements the security of the code with advanced hardening of the execution environment: minimizing the number of installed packages, fine-grained configuration of SELinux services, enhanced system security, etc. The Prelude team was inspired by numerous recommendations from the ANSSI (the French national cybersecurity agency) to reach a level of security equivalent to that of classified environments.
Flexibility / Adaptability / Customization
Prelude SIEM is designed to adapt easily to any environment. It can be installed on a single system or in distributed mode. Each macro function is available as a module (collection, detection, correlation, manager, etc.). These modules can operate in parallel or be linked to one another. In addition, Prelude SIEM offers numerous interfaces to connect to your existing system: graphical interfaces, but also APIs to connect to the tools already in your SOC.
Present on the SIEM market for many years, Prelude SIEM, first in its open-source version and then in its commercial version, has been deployed on multiple architectures of all sizes worldwide. Prelude OSS is the reference SIEM in most Linux distributions. It is the first SIEM to comply with the IDMEF standard and to demonstrate the full effectiveness of that standard. Prelude SIEM has also adapted, with completely redesigned ergonomic interfaces and detection techniques complemented by new developments based on artificial intelligence.
Prelude services
The Prelude SIEM team can support you in all phases of your project. You may decide to entrust us with the complete delivery of a “turnkey” project (Plan, Deploy, Run), or instead be supported in taking full ownership of the tool during its implementation (Training, Serenity and Emergency). You can also ask us for a mixture of both strategies. For more information, please visit our services page.