Today’s Security Landscape
Attack surface is increasing Threat vectors becoming more sophisticated Compliance laws are getting more stringent
L3 Security Engineer skill required
Introducing aiSIEM™ Platform
A Machine Learning and AI Platform built on Big/Fast Data Architecture.
Comprehensive Threat Detection and Remediation built into single platform.
Out of box - automatically presents only analyzed/verified threats - no tuning ever
Leverages AI to Detect and then stop the Threats – With no human intervention
An integrated solution that covers compliance and a broad spectrum of use cases
+
See Everything Detect Threats That M atter Stop the Threat
( S I E M + S O A R + UE B A + N B A D / N T A + T I + I D S + M L + A I : C o m p r e h e n s i v e C y b e r s e c u r i t y f o r D i g it a l - E r a )
( S I E M + S O A R + UE B A + N B A D / N T A + T I + I D S + M L + A I : C o m p r e h e n s i v e C y b e r s e c u r i t y f o r D i g it a l - E r a )
aiSIEM : How it works?
( S I E M + S O A R + UE B A + N B A D / N T A + T I + I D S + M L + A I : C o m p r e h e n s i v e C y b e r s e c u r i t y f o r D i g it a l - E r a )
Outputs
Threat Intelligence
Dynamic Threat
M odels Engine
Fast Big Data Streaming Engine
Feature Extraction, Local Enrichment, Algorithms
Elimination & Containment
Control and Collection Engine
Collects inputs from variety of sources
Extracts features for input to the APE
Runs local enrichments and algorithms
M L Engine – User, App, Services and Host Behavior
AI Engine w ith Actionable Intelligence (Remediation)
Analytics and Policy Engine
Proactive threat detection with past context and global threat intelligence addressing threats that matter with actionable intelligence
Proactive Threat Detection
Comprehensive Visibility
Compliance & Governance Reports
Automated Real -time Threat Elimination CCE – n CCE – 2 CCE – 1
aiSIEM : Architecture
aiSIEM : Use Cases
Continuous Enhancement of Hygiene (Firew all, Email/Web GW, Anti Virus, Identity Management)
C yb e r C r i m e • Know n/Unkn ow n • Ransomw ar e • M alware • Spyw are • APTs I n s i d e r T h r e a t s • M alicious Insider • Compromised Credentials • UEBA • Privilege M isuse D e n i a l o f S e r v i c e • Brute-force • Volumetric • Application Layer • Protocols S t r i c t P o l i c y E n f o r c e m e n t • Limit access to Critical Assets • Stop Unw anted Connectivity, Applications Vu l n e r a bil i t y E x p l o i t s • Data/IP Exfiltration • Unknow n • Know n OS • Apps • Firmw are • Email • Web C o n t i nu o u s C o m p l i a n c e • HIPAA • PCI-DSS • NIST • GDPR • SOX O t h e r U s e C as e s • IIoT/IoT Cybersecurity • Detect IT M istakes • Detect Shadow IT • NBAD • IDS
( S I E M + S O A R + UE B A + N B A D / N T A + T I + I D S + M L + A I : C o m p r e h e n s i v e C y b e r s e c u r i t y f o r D i g it a l - E r a )
On-premise, Cloud or both
: Deployment
( S I E M + S O A R + UE B A + N B A D / N T A + T I + I D S + M L + A I : C o m p r e h e n s i v e C y b e r s e c u r i t y f o r D i g it a l - E r a )
aiSIEM
Architecture
aiSIEM : Key Features
Visibility
Threat Detection
• Ingests raw streaming data (Identity, Web, App, F/W, Proxy, W indows, DNS & DHCP) and Flow s (NetFlow, Sflow, Jflow)
• Logically auto -discovers and creates asset groups
• Machine learning and AI with actionable intelligence ; eliminating need to add rules
• Behavioral analytics, predictive modeling and contextual real -time alerts with automated analysis and correlation
Threat Containment and Elimination
Compliance, Indexing and Reporting
• Out-of-the-box automated threat containment and elimination in real-time
• Provides clear actionable steps to eliminate threats, which can be fully automated
• Regulatory compliance (HIPAA, PCI, NIST, GDPR) assurance and customizable operational reports
• Log indexing, long-term storage and data analytics for forensic analysis
Operations Management
• Microservice architecture facilitates rapid deployment across cloud, on -premise or hybrid
• Simplified licensing based on the number of assets (versus that amount of data ingested)
( S I E M + S O A R + UE B A + N B A D / N T A + T I + I D S + M L + A I : C o m p r e h e n s i v e C y b e r s e c u r i t y f o r D i g it a l - E r a )
Benefits of aiSIEM
Reduces Mean-Time-To-Response (MTTR) with Automatic Threat Remediation
Reduces Mean-Time-To-Identify (MTTI) with Proactive Threat Detection
Continuous Compliance and Monitoring (Security Analytics)
Comprehensive Visibility of all assets, flow s, applications and their interactions
Flexible and Scalable Deployment in Bare Metal, Cloud or Hybrid
Reduces CAPEX / OPEX as licensing is based on the number of assets
Eliminates need for silo solutions (such as, UEBA, DLP, IDS, IPS, WASF)
1 2 3 4 5 6 7
( S I E M + S O A R + UE B A + N B A D / N T A + T I + I D S + M L + A I : C o m p r e h e n s i v e C y b e r s e c u r i t y f o r D i g it a l - E r a )
Key Takeaways
1 2 3 4
Fully Automated Solution - detects & stops cyber threats of all kinds in real -time
Ease of Deployment and Improved Operational Efficiency plus Accuracy
Overcomes the Operational & Deployment Cost Short Comings of SIEMS
Assures Compliance - by reducing the exposure risk and providing reports
( S I E M + S O A R + UE B A + N B A D / N T A + T I + I D S + M L + A I : C o m p r e h e n s i v e C y b e r s e c u r i t y f o r D i g it a l - E r a )
Thank You! F or more inf ormat ion c ont act: + 91 8879004536 | in f o @ n et l a bindi a . c o m | www.n et l a bindi a . c o m