Deep Security Information and Event Management (SIEM) is a platform that centralises an organisation's logs and analyses them in real time in search of threats.
The early response system makes it possible to mitigate attacks automatically and, in conjunction with the threat intelligence component, provides AI models with feedback on the analysis. In addition, DeepSIEM has a comprehensive and intuitive interface that enables data monitoring, report generation and management of alerts and assets. DeepSIEM is available in both local and cloud environments.
DeepSIEM's integrated deployment wizard allows a choice of SaaS modes, multi-vendor cloud deployment and on-premise deployment.
Cloud deployment options allow you to leverage the full computing power, configuration facilities and scaling advantages, while on-premise deployment allows you to adapt to all the needs and constraints that can occur in complex business environments.
The amount of security event data is so large that security operations centre teams must manage billions of events each day. DeepSIEM integrates Big Data technologies to facilitate real-time ingestion, processing and searching of large volumes of data.
The data that the platform obtains from the systems it monitors allow for the development of models adapted to each infrastructure. These models trace the behaviour of each device, network and application, making it possible to detect anomalies and advanced attacks that could elude conventional solutions. DeepSIEM has an automatic learning module that uses global asset and threat data to evolve the models and adapt them rapidly to the changing cyber security environment.
The DeepSIEM platform has been designed for all types of organisations with heavy data traffic: small, medium and large companies alike. For this reason, its design is fully modular and scalable, and it can be deployed in environments that are adapted to the needs of the organisation.