CY4GATE

CY4GATE for solution

CY4GATE SIEM/SOAR

RTA (Real Time Analytics) is a cyber security software solution used to protect/monitor IT and industrial infrastructure based on Big Data Analytics technology.

The system allows:

  1. Collection and analysis of event flows (standard and nonstandard data such as emails, telephone traffic, sensor traffic) from multiple sources (e.g. PCs, mobile phones, industrial sites);
  2. Real-time contextualisation of monitored activities;
  3. Indexing of all contextualised data in a “time-machine”;
  4. Automatic identification of risky situations / anomalies and consequent classification (various levels of risk) and categorisation;
  5. Suggested solutions for each problem.

 

RTA can be defined as a “Time Machine” that lets the analyst retrieve the history of information in dynamic and ever-changing situations. Our SIEM also lets the analyst flash forward to gather information about the potential effects of events as they occur.

Value Drivers

RTA can collect and normalize huge numbers of events from a large number of IT sensors, including proprietary sources, OT devices and cloud services, as well as directly from network equipment or from raw traffic.

  1. RTA enriches data in real time: more enrichment means more contextualized events, and more contextualized events mean better insight
  2. RTA combines rules, statistical baselining and machine learning approaches, and scales up using a fully distributed infrastructure
  3. RTA allows the analyst to go back through the information in order to “freeze the events” within evolving situations and review them using a “time machine” approach
  4. RTA presents data for humans, giving a real-time exploration experience within a single point of view

 

CY4GATE UEBA

UEBA stands for User and Entity Behaviour Analytics and was previously known as user behaviour analytics (UBA). UEBA uses large datasets to model typical and atypical behaviours of humans and machines within a network. By defining such baselines, it can identify suspicious behaviour, potential threats, and attacks that traditional antivirus may not detect.

Conventional SIEM solutions use correlation rules that depend on known patterns. Such rules cannot detect new, evolving threats, and they also generate a large number of false positives.

The RTA solution simultaneously exploits a set of different models, based on profiling, rule correlation, UEBA and machine learning, which allow huge volumes of data to be analysed.

Behavioral analysis occurs in real time, using a combination of unsupervised, supervised and statistical algorithms to find known and unknown threats. Detection techniques rely on user and entity behavior rather than on known signatures.

SOC Investigation & Analysis

The mission of our Security Operation Center (SOC) is to continuously monitor and improve our customers’ posture, giving a full MDR (Managed Detection and Response) experience.

We can set up a fully outsourced service sized according to the Customer's infrastructure, or support the Customer in deploying and integrating our technologies for a local Security Operation Center (SOC).

Value Drivers

  • Be Prepared and Respond quickly

A SOC increases the effectiveness of detection and response capabilities.

  • Technology, Processes & People Combined Together

We combine best-in-class technical aspects with human resources, advanced expertise and policies.

This model lets you have a SOC under the best conditions (minimum involvement and controlled cost).

  • Full Outsourcing With Full Visibility

This model supplies competent, operational people who are available 24/7.

How is it Different

  1. A hardworking 24/7 workforce dedicated to preventing, detecting, assessing, and responding to vulnerabilities. A highly skilled and organized team with the mission of continuously monitoring and improving the posture of an organization
  2. Huge amounts of data ingested, analysed and enriched from the IT/OT ecosystem
  3. Integration of third-party tools with our own products and technologies to maximize our security analysis
  4. Your SOC is our SOC. We offer the same services that defend our network

 

Website link:  https://www.cy4gate.com/en/