Description:
APT Framework is a specialized analytical use case for SIEM, designed for the most popular SIEM systems in the world: ArcSight, IBM QRadar and Splunk. The use case continuously monitors the company's infrastructure and detects signs of APT using the Lockheed Martin Cyber Kill Chain methodology. The module uses different methods of statistical profiling and behavioral analysis to make the most efficient use of existing technologies, such as IDS/IPS, FW, Proxy, Anti-virus, Vulnerability Scanners, etc. It now also displays hosts vulnerable to Meltdown and Spectre attacks to help SIEM administrators define primary targets for installing security updates.
Other integrations: