Security Information & Event management Solution

Security Information & Event management (SIEM) is a powerful system to detect attack, hidden in thousands per second event logs. SIEM does this by:

  • Collecting and consolidating logs from various systems (i.e. Firewall, IPS, Anti Malware, UNIX, Windows, Linux, Applications, Database, etc.)
  • Normalizing logs into single format
  • Enriching normalized event with critical risk management information
  • Correlate events to detect attack
  • Alert Security Team on detected attack
  • Store attack events data and generate historical events reporting

At Lentice, SIEM capability is expanded even more comprehensive. Our Security Life-cycle Management is able to automatically perform Triage by evaluating attacked asset vulnerability, actual available service, assess attack impact on asset (availability, confidentiality and integrity), and finally decide priority level of the incident.

Lentice has extensive experience in implementing SIEM in large organization. We have integrated thousands of systems with various SIEM solutions, such HP ArcSight, IBM Guardium and Novell Sentinel. Please click here for list of our out-of-the-box SIEM connectors.

For further information, please contact us at info@lentice.com