Description:
APT Framework is a specialized analytical use case for SIEM, designed for the most popular SIEM systems in the world: ArcSight, IBM QRadar and Splunk. The use case allows constant monitoring of the company's infrastructure and detection of signs of APT using the Lockheed Martin Cyber Kill Chain methodology. The module uses different methods of statistical profiling and behavioral analysis to allow the most efficient use of existing technologies, such as IDS/IPS, FW, Proxy, Anti-virus, Vulnerability Scanners, etc.