What is it about?
For complete visibility of attack attempts and compromises in any corporate information system, a fundamental pillar of ICT Security is the management of logs produced by operating systems, applications, security equipment or network.
Not only a useful tool, but also a requirement based on different standards, such as ISO 27001 or PCI DSS, and also – directly or indirectly – by some regulations, such as the GDPR, the provision of the Guarantor for system administrators, the NIS directive for operators of critical infrastructure and others.
Working with its partner HTS Hi-Tech Services, CryptoNet Labs offers two solutions of Log management and SIEM (Security Information and Event Management) completely developed in Italy and designed for the consolidation and preservation of logs from heterogeneous sources in an integral and protected way: LogBox and Coala Suite.
Log collection takes place, where possible, through an agent installed on the source that allows the sending of events on an encrypted channel, or in agent-less mode, supporting the most popular logging protocols.
The solution allows you to perform advanced analysis on recorded logs, through full-text queries (essential for forensic computing after an incident), event correlation rules, configuration of dashboards and custom reports, as well as set appropriate alarms to detect operational or security anomalies. The solution can therefore also meet the needs of a company NOC or SOC or integrate with the systems already used by them.
Who can benefit from it
All companies, of any size, that process data that is critical for the business or is sensitive, even in industrial contexts (OT), both to implement the technological foundations and support adequate security monitoring and incident management processes and to meet the requirements of national and international regulations and industry standards.