SIEMonster

Problems that it solves

Unauthorized access to corporate IT systems and data

Risk or Leaks of confidential information

Malware infection via Internet, email, storage devices

Shortage of inhouse IT resources

Non-existent or decentralized IT incident management

High costs of IT personnel

Risk of attacks by hackers

Risk of data loss or damage

Insufficient risk management

High costs

Values

Reduce Costs

Ensure Security and Business Continuity

Manage Risks

SIEMonster

SIEMonster is a SIEM for everyone, whether you are a charity, a starter, an enterprise or a Managed Security Service Provider: tools for companies that want to detect threats and risks to their organization.

Description

SIEMonster is a SIEM for everyone, whether you are a charity, a starter, an enterprise or a Managed Security Service Provider. The company has a range of products that will let you know exactly what is happening in your network.

What is SIEMonster?

SIEMonster is the brainchild of a team of professional hackers with over 20 years' experience hacking into companies around the world. Using this experience, SIEMonster has built modern SIEM tools for companies wanting to detect threats and risks to their organization. It all began when a global manufacturer detailed their frustrations at the exorbitant licensing costs of commercial SIEM products and asked whether the team could build a SIEM to minimize these annual license fees. SIEMonster now provides SIEM products for Managed Security Service Providers (MSSPs) and security professionals around the world.

EDITIONS:

  • COMMUNITY EDITION. The Community Edition is a single server built by the community for the community.
  • PROFESSIONAL EDITION. The Professional Edition is a single appliance or Virtual machine, for small business.
  • ENTERPRISE EDITION. The SIEMonster Enterprise Edition monitors network assets in an affordable, scalable solution.
  • MSSP EDITION. Want to run your own SOC? Run our Multi-Tenant Edition for Managed Security Service Providers.

Human Based Behavior

Every user has a behavioral fingerprint: a unique, nuanced way they use their own computer. Behavioral fingerprints can be monitored to detect when something changes and risk increases, when the user just is not behaving like they usually do. SIEMonster behavioral analytics monitors usage and detects activity that does not match the legitimate user sooner, where other tools still fail. Operating at that level, SIEMonster can reduce false positives and set actionable priorities.
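A minimal version of that idea, as an added example that is not SIEMonster's own code: a per-user baseline of habitual hosts, logon hours and weekdays is built from a set of constructed logon events, and later events are scored by how far they depart from it. The event data, the scoring weights, the one-hour tolerance and the alert threshold are all assumptions chosen for illustration.

```python
"""Per-user behavioral baseline with deviation scoring.

Added example, not SIEMonster code. The events, scoring weights and
threshold below are assumptions chosen for illustration.
"""
from collections import defaultdict
from datetime import datetime

# Constructed sample logon events: (user, ISO timestamp, source host).
BASELINE_EVENTS = [
    ("alice", "2024-03-04T08:55:00", "alice-laptop"),
    ("alice", "2024-03-05T09:10:00", "alice-laptop"),
    ("alice", "2024-03-06T08:40:00", "alice-laptop"),
    ("alice", "2024-03-07T09:30:00", "alice-laptop"),
    ("alice", "2024-03-08T08:50:00", "alice-laptop"),
    ("bob", "2024-03-04T22:05:00", "build-srv-01"),
    ("bob", "2024-03-06T23:10:00", "build-srv-01"),
    ("bob", "2024-03-08T22:40:00", "build-srv-02"),
]

# Assumed weights: a never-seen host is worth more than an odd hour.
WEIGHT_NEW_HOST = 3
WEIGHT_ODD_HOUR = 2
WEIGHT_ODD_WEEKDAY = 1
ALERT_THRESHOLD = 4


def build_baselines(events):
    """Summarise each user's habitual hosts, logon hours and weekdays."""
    baselines = defaultdict(lambda: {"hosts": set(), "hours": set(), "weekdays": set()})
    for user, ts, host in events:
        when = datetime.fromisoformat(ts)
        b = baselines[user]
        b["hosts"].add(host)
        b["hours"].add(when.hour)
        b["weekdays"].add(when.weekday())
    return dict(baselines)


def score_event(baselines, user, ts, host):
    """Return (score, reasons) describing how far an event departs from the baseline.

    A user with no baseline at all is scored as fully anomalous: every
    signal fires, because nothing is known about them yet.
    """
    when = datetime.fromisoformat(ts)
    b = baselines.get(user, {"hosts": set(), "hours": set(), "weekdays": set()})
    score, reasons = 0, []
    if host not in b["hosts"]:
        score += WEIGHT_NEW_HOST
        reasons.append(f"host {host} never seen for {user}")
    # Tolerate one hour either side of any habitual hour (wrapping at midnight).
    if not any(abs(when.hour - h) in (0, 1, 23) for h in b["hours"]):
        score += WEIGHT_ODD_HOUR
        reasons.append(f"hour {when.hour:02d} outside habitual hours")
    if when.weekday() not in b["weekdays"]:
        score += WEIGHT_ODD_WEEKDAY
        reasons.append("weekday not in baseline")
    return score, reasons


def is_alert(baselines, user, ts, host):
    """True when the deviation score reaches the (assumed) alert threshold."""
    score, _ = score_event(baselines, user, ts, host)
    return score >= ALERT_THRESHOLD


if __name__ == "__main__":
    bl = build_baselines(BASELINE_EVENTS)
    for ev in [("alice", "2024-03-11T09:05:00", "alice-laptop"),
               ("alice", "2024-03-09T03:12:00", "unknown-host"),
               ("bob", "2024-03-05T22:30:00", "build-srv-01")]:
        print(ev, score_event(bl, *ev), "alert" if is_alert(bl, *ev) else "ok")
```

Alice logging on at 03:12 on a Saturday from a host she has never used scores on all three signals and crosses the threshold; Bob working a weekday he has not been seen on before scores one point and is not alerted on. In practice the baseline window would be rolling and the weights tuned per organisation; the structure of the check is the point here.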

Threat Intelligence

As part of the SIEMonster toolset, Palo Alto MineMeld is a threat intelligence processing framework that collects, aggregates and filters indicators from a variety of sources and intelligence feeds. It supplies lookup tables of known malicious domains used for phishing, C&C hosts, Tor endpoints and known compromised hosts; this threat intelligence is then used to identify such hosts in incoming security log data. The Palo Alto MineMeld client application is pre-installed so that the appropriate feeds can be set up. You can select commercial feeds, free open-source feeds and law enforcement sources.
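The matching step described above, as an added example that is neither SIEMonster's nor MineMeld's code: a small indicator set (domains, single IPs and CIDR ranges) is normalised once and then matched against constructed DNS and firewall log lines. Domains are matched on label boundaries so that a subdomain of a bad domain hits while a look-alike such as notevil-login.example does not, and IPs are checked against both exact indicators and containing networks. The indicator values, the log line formats and the log lines themselves are constructed for illustration.

```python
"""Match threat intelligence indicators against security log lines.

Added example, not SIEMonster or MineMeld code. The indicator set and the
log lines below are constructed for illustration; a real deployment would
load the indicators from the feed output instead.
"""
import ipaddress
import re

# Constructed indicator set, as a feed aggregator might emit it
# (documentation-reserved addresses and reserved TLDs, not real threats).
INDICATORS = {
    "domain": {"evil-login.example", "c2.badcorp.test"},
    "ip": {"203.0.113.45"},
    "cidr": ["198.51.100.0/24"],
}

# Constructed log lines: a DNS query log and a firewall connection log.
LOG_LINES = [
    "dns client=10.0.0.15 query=mail.evil-login.example type=A",
    "fw src=10.0.0.22 dst=203.0.113.45 dport=443 action=allow",
    "fw src=10.0.0.23 dst=198.51.100.77 dport=8080 action=allow",
    "dns client=10.0.0.15 query=notevil-login.example type=A",
    "dns client=10.0.0.16 query=www.example.com type=A",
    "fw src=10.0.0.9 dst=93.184.216.34 dport=443 action=allow",
]

IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
# Hostname: one or more labels then an alphabetic TLD, so dotted IPs are excluded.
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.IGNORECASE)


def compile_indicators(raw):
    """Normalise the feed: lower-case domains, parse IPs and networks once."""
    return {
        "domain": {d.lower().strip(".") for d in raw.get("domain", ())},
        "ip": {ipaddress.ip_address(a) for a in raw.get("ip", ())},
        "cidr": [ipaddress.ip_network(n, strict=False) for n in raw.get("cidr", ())],
    }


def domain_matches(candidate, bad_domains):
    """Return the matching indicator when candidate is the bad domain or a subdomain of it.

    The check is done on label boundaries so that notevil-login.example does
    not match the indicator evil-login.example.
    """
    candidate = candidate.lower().strip(".")
    for bad in bad_domains:
        if candidate == bad or candidate.endswith("." + bad):
            return bad
    return None


def ip_matches(candidate, compiled):
    """Return the matching indicator (exact IP or containing CIDR) or None."""
    try:
        addr = ipaddress.ip_address(candidate)
    except ValueError:
        return None
    if addr in compiled["ip"]:
        return str(addr)
    for net in compiled["cidr"]:
        if addr in net:
            return str(net)
    return None


def scan_logs(lines, raw_indicators):
    """Return a list of (line number, indicator type, indicator, matched value) hits."""
    compiled = compile_indicators(raw_indicators)
    hits = []
    for n, line in enumerate(lines):
        for host in DOMAIN_RE.findall(line):
            bad = domain_matches(host, compiled["domain"])
            if bad:
                hits.append((n, "domain", bad, host.lower()))
        for ip in IPV4_RE.findall(line):
            bad = ip_matches(ip, compiled)
            if bad:
                hits.append((n, "ip", bad, ip))
    return hits


if __name__ == "__main__":
    for hit in scan_logs(LOG_LINES, INDICATORS):
        print(hit)
```

Running it reports three hits: the subdomain of the phishing domain, the exact C&C address and the address inside the flagged network; the look-alike domain and the two benign lines produce nothing. Parsing the indicators into `ipaddress` objects once, rather than comparing strings per line, is what keeps CIDR matching cheap on a real log volume.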

Deep Learning

AI and its subsets, machine learning, deep learning and neural networks, are terms often used by security marketing vendors. The effectiveness of these tools can be limited by the integration strategy, widening the gap between what can be considered benign and what requires immediate action. SIEMonster strives to close this gap through innovation, not only to reduce false positives but to apply counteraction and extend automation, reducing the load on the typical SOC analyst. SIEMonster is not only affordable and customizable but becomes the pulse of your organization's security posture. With the ability to absorb third-party endpoint protection data, SIEMonster can correlate it instantly against other events and data. Real-time analysis of SIEMonster event alert streams, threat intelligence and deep learning, combined with human-based behavior traits and honeypot data, is a good start. Adding active threat hunting, common IOC recognition and the MITRE ATT&CK™ framework raises the accuracy of threat recognition enough to act on attacks automatically: without human intervention, users can be disabled, IP addresses blocked and assets shut down, removing the threat and reducing the workload of security administrators within the SOC.


Scheme of work