SlideShare a Scribd company logo

Surelog Intelligence

Download as DOCX, PDF
Ertugrul Akbas
Ertugrul Akbas

SureLog is a next-generation SIEM solution with a powerful correlation engine. Its rule based correlation engine with taxonomy has a superior detection capability. Additionally, SureLog has a Machine Learning detection module. What machine learning offers is the ‘many-eyes' option. With the experienced scientist point of view SureLog has placed its bets on the combination of rule based correlation, human and machine intelligence in its most recent cybersecurity efforts, which reduces the time it takes to detect and respond to cyberattacks. A key differentiator is our unique approach to use machine learning, rule based correlation and human intelligence in parallel. SureLog was designed as a full scope tool that uses machine learning, rule based correlation algorithms and correlation framework for the security specialists to detect emerging threats.

Technology
1 of 2
Intelligence in SureLog SIEM ertugrulakbas@anetusa.net SureLog is a next-generation SIEM solution with a powerful correlation engine. Its rule based correlation engine with taxonomy has a superior detection capability. Additionally, SureLog has a Machine Learning detection module. What machine learning offers is the ‘many-eyes' option. With the experienced scientist point of view SureLog has placed its bets on the combination of rule based correlation, human and machine intelligence in its most recent cybersecurity efforts, which reduces the time it takes to detect and respond to cyberattacks. A key differentiator is our unique approach to use machine learning, rule based correlation and human intelligence in parallel. SureLog was designed as a full scope tool that uses machine learning, rule based correlation algorithms and correlation framework for the security specialists to detect emerging threats. Rule Based Correlation Engine Rule-based correlation uses traditional correlation logic to analyze collected information in real time. All logs, events, and network flows are correlated together with the power of taxonomy module. Real-time event correlation is all about proactively dealing with threats. Data breaches are on the rise and hackers use highly targeted attacks to intrude upon enterprise networks and steal sensitive data. Protecting your network data from attackers involves detecting security threats at its early stage. Security investigators need to determine whether a suspicious event or chain of security events that had happened on the network is a potential security threat or not. Manually investigating events across the network from various log sources and correlating them to formulate an attack pattern will be a herculean task for the security investigators. To effortlessly identify the possible intrusions in the network, you need to have an automated effective correlation engine that gives a complete scope of any security incident by building relationships between events happening across your network infrastructure. Detection Framework SureLog SIEM is a security platform which differs from many SIEM products. The main difference is; correlation engine is rule based plus a framework which you can embed your own logic. There is no restriction in the logic because you can develop your logic in JAVA including Machine learning, statistical methods and artificial intelligence. SureLog is ready for the fallowing libraries also.  https://www.tensorflow.org  http://mahout.apache.org  https://github.com/padreati/rapaio  http://commons.apache.org/proper/commons-math/  http://math.nist.gov/javanumerics/
As ANET, our mission is to build a software company that embraces an "open development philosophy" and provides innovative solutions in collaboration with customers specific needs. ANET is dedicated to providing the most technologically advanced, Intelligent Log Management Solution available today by enabling customers to efficiently tackle the daunting tasks involved with Log Management, while letting customers achieve compliance with the stringent government regulations. For more information pleasevisitwww.anetusa.net Behavior profiling: Automatically classifies and profiles all log and network activity by application, protocol, geography, network location, ports as well as many other categories, and tracks all related traffic statistics. Behavior analysis capabilities can be applied to all data parsed from log sources as this capability enhances rule-based correlation. Machine Learning SureLog ML module is a MLLib based Bayesian clustering algorithms to detect threats. MLlib is Spark’s machine learning (ML) library. The machine learning component of SureLog contains routines for performing suspicious connections analyses on traffic data. These analyses consume a collection of firewall events and produce a list of the events that are considered to be the least probable, and these are consider the most suspicious. SureLog infers a probabilistic model for the network behavior of each IP address. Each network log entry is assigned an estimated probability (score) by the model. The events with lower scores are flagged as “suspicious” for further analysis. SureLog unique method combining rule based correlation, machine learning and human intelligence amplifies security operations. SureLog’s scalability and machine learning capabilities support an ML-based applications that can run simultaneously to provide organizations with maximum analytic flexibility.

Recommended

Why taxonomy is critical
Why taxonomy is criticalWhy taxonomy is critical
Why taxonomy is criticalErtugrul Akbas
 
Which generation of siem?
Which generation of siem?Which generation of siem?
Which generation of siem?Ertugrul Akbas
 
Why SureLog?
Why SureLog?Why SureLog?
Why SureLog?Ertugrul Akbas
 
Php developer
Php developerPhp developer
Php developerErtugrul Akbas
 
SureLog SIEM
SureLog SIEMSureLog SIEM
SureLog SIEMErtugrul Akbas
 
SureLog SIEM Jobs
SureLog SIEM JobsSureLog SIEM Jobs
SureLog SIEM JobsErtugrul Akbas
 
Siem tools
Siem toolsSiem tools
Siem toolsErtugrul Akbas
 
Log correlation SIEM rule examples and correlation engine performance data
Log correlation SIEM rule examples and correlation engine performance dataLog correlation SIEM rule examples and correlation engine performance data
Log correlation SIEM rule examples and correlation engine performance dataErtugrul Akbas
 

Recommended

Why taxonomy is critical
Why taxonomy is criticalWhy taxonomy is critical
Why taxonomy is criticalErtugrul Akbas
 
Which generation of siem?
Which generation of siem?Which generation of siem?
Which generation of siem?Ertugrul Akbas
 
Why SureLog?
Why SureLog?Why SureLog?
Why SureLog?Ertugrul Akbas
 
Php developer
Php developerPhp developer
Php developerErtugrul Akbas
 
SureLog SIEM
SureLog SIEMSureLog SIEM
SureLog SIEMErtugrul Akbas
 
SureLog SIEM Jobs
SureLog SIEM JobsSureLog SIEM Jobs
SureLog SIEM JobsErtugrul Akbas
 
Siem tools
Siem toolsSiem tools
Siem toolsErtugrul Akbas
 
Log correlation SIEM rule examples and correlation engine performance data
Log correlation SIEM rule examples and correlation engine performance dataLog correlation SIEM rule examples and correlation engine performance data
Log correlation SIEM rule examples and correlation engine performance dataErtugrul Akbas
 
Security Event Analysis Through Correlation
Security Event Analysis Through CorrelationSecurity Event Analysis Through Correlation
Security Event Analysis Through CorrelationAnton Chuvakin
 
Epas - Enterprise Password Assessment Solution
Epas - Enterprise Password Assessment SolutionEpas - Enterprise Password Assessment Solution
Epas - Enterprise Password Assessment SolutionSeamus Hoole
 
SIEM Surelog Arcsight Qradar LogRhythm Alienvault Solarwinds LEM Performance...
SIEM Surelog Arcsight Qradar LogRhythm Alienvault Solarwinds LEM Performance...SIEM Surelog Arcsight Qradar LogRhythm Alienvault Solarwinds LEM Performance...
SIEM Surelog Arcsight Qradar LogRhythm Alienvault Solarwinds LEM Performance...Ertugrul Akbas
 
Operacionalize com alerta, dashboards customizados e linhas do tempo
Operacionalize com alerta, dashboards customizados e linhas do tempoOperacionalize com alerta, dashboards customizados e linhas do tempo
Operacionalize com alerta, dashboards customizados e linhas do tempoElasticsearch
 
Teri_Radichel_Top_5_Priorities_for_Cloud_Security
Teri_Radichel_Top_5_Priorities_for_Cloud_SecurityTeri_Radichel_Top_5_Priorities_for_Cloud_Security
Teri_Radichel_Top_5_Priorities_for_Cloud_SecurityTriNimbus
 
Detecting and Blocking Suspicious Internal Network Traffic
Detecting and Blocking Suspicious Internal Network Traffic Detecting and Blocking Suspicious Internal Network Traffic
Detecting and Blocking Suspicious Internal Network Traffic LogRhythm
 
Cybersecurity Basics for Non-Techie Startup Founders
Cybersecurity Basics for Non-Techie Startup FoundersCybersecurity Basics for Non-Techie Startup Founders
Cybersecurity Basics for Non-Techie Startup FoundersKristian Melquiades
 
Making Log Data Useful: SIEM and Log Management Together
Making Log Data Useful: SIEM and Log Management TogetherMaking Log Data Useful: SIEM and Log Management Together
Making Log Data Useful: SIEM and Log Management TogetherAnton Chuvakin
 
Cap gemini pitch
Cap gemini pitchCap gemini pitch
Cap gemini pitchNicolas Consigny
 
Tackle Unknown Threats with Symantec Endpoint Protection 14 Machine Learning
Tackle Unknown Threats with Symantec Endpoint Protection 14 Machine LearningTackle Unknown Threats with Symantec Endpoint Protection 14 Machine Learning
Tackle Unknown Threats with Symantec Endpoint Protection 14 Machine LearningSymantec
 
Usability vs. Security: How USP Secure Entry Server® (SES) Gives You Both – b...
Usability vs. Security: How USP Secure Entry Server® (SES) Gives You Both – b...Usability vs. Security: How USP Secure Entry Server® (SES) Gives You Both – b...
Usability vs. Security: How USP Secure Entry Server® (SES) Gives You Both – b...United Security Providers AG
 
USP SES and the Location Layer: Geolocation for adaptive Access Control and P...
USP SES and the Location Layer: Geolocation for adaptive Access Control and P...USP SES and the Location Layer: Geolocation for adaptive Access Control and P...
USP SES and the Location Layer: Geolocation for adaptive Access Control and P...United Security Providers AG
 
Using Logs for Breach Investigations and Incident Response by Dr Anton Chuvakin
Using Logs for Breach Investigations and Incident Response by Dr Anton ChuvakinUsing Logs for Breach Investigations and Incident Response by Dr Anton Chuvakin
Using Logs for Breach Investigations and Incident Response by Dr Anton ChuvakinAnton Chuvakin
 
Anton's 2020 SIEM Best and Worst Practices - in Brief
Anton's 2020 SIEM Best and Worst Practices - in BriefAnton's 2020 SIEM Best and Worst Practices - in Brief
Anton's 2020 SIEM Best and Worst Practices - in BriefAnton Chuvakin
 
SureLog intelligent response
SureLog intelligent responseSureLog intelligent response
SureLog intelligent responseErtugrul Akbas
 
How to expose shortcuts in competitive poc
How to expose shortcuts in competitive pocHow to expose shortcuts in competitive poc
How to expose shortcuts in competitive pocMoti Sagey מוטי שגיא
 
Hands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Hands on Security, Disrupting the Kill Chain, SplunkLive! AustinHands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Hands on Security, Disrupting the Kill Chain, SplunkLive! AustinSplunk
 
Automated incident response
Automated incident responseAutomated incident response
Automated incident responseSiemplify
 
A successful application security program - Envision build and scale
A successful application security program - Envision build and scaleA successful application security program - Envision build and scale
A successful application security program - Envision build and scalePriyanka Aash
 
Ch08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System VulnerabilitiesCh08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System Vulnerabilitiesphanleson
 
The future of cyber security
The future of cyber securityThe future of cyber security
The future of cyber securitySandip Juthani
 
Crypto sim_cryptolog_cryptospot_v3
Crypto sim_cryptolog_cryptospot_v3Crypto sim_cryptolog_cryptospot_v3
Crypto sim_cryptolog_cryptospot_v3Mustafa Kuğu
 

More Related Content

What's hot

Security Event Analysis Through Correlation
Security Event Analysis Through CorrelationSecurity Event Analysis Through Correlation
Security Event Analysis Through CorrelationAnton Chuvakin
 
Epas - Enterprise Password Assessment Solution
Epas - Enterprise Password Assessment SolutionEpas - Enterprise Password Assessment Solution
Epas - Enterprise Password Assessment SolutionSeamus Hoole
 
SIEM Surelog Arcsight Qradar LogRhythm Alienvault Solarwinds LEM Performance...
SIEM Surelog Arcsight Qradar LogRhythm Alienvault Solarwinds LEM Performance...SIEM Surelog Arcsight Qradar LogRhythm Alienvault Solarwinds LEM Performance...
SIEM Surelog Arcsight Qradar LogRhythm Alienvault Solarwinds LEM Performance...Ertugrul Akbas
 
Operacionalize com alerta, dashboards customizados e linhas do tempo
Operacionalize com alerta, dashboards customizados e linhas do tempoOperacionalize com alerta, dashboards customizados e linhas do tempo
Operacionalize com alerta, dashboards customizados e linhas do tempoElasticsearch
 
Teri_Radichel_Top_5_Priorities_for_Cloud_Security
Teri_Radichel_Top_5_Priorities_for_Cloud_SecurityTeri_Radichel_Top_5_Priorities_for_Cloud_Security
Teri_Radichel_Top_5_Priorities_for_Cloud_SecurityTriNimbus
 
Detecting and Blocking Suspicious Internal Network Traffic
Detecting and Blocking Suspicious Internal Network Traffic Detecting and Blocking Suspicious Internal Network Traffic
Detecting and Blocking Suspicious Internal Network Traffic LogRhythm
 
Cybersecurity Basics for Non-Techie Startup Founders
Cybersecurity Basics for Non-Techie Startup FoundersCybersecurity Basics for Non-Techie Startup Founders
Cybersecurity Basics for Non-Techie Startup FoundersKristian Melquiades
 
Making Log Data Useful: SIEM and Log Management Together
Making Log Data Useful: SIEM and Log Management TogetherMaking Log Data Useful: SIEM and Log Management Together
Making Log Data Useful: SIEM and Log Management TogetherAnton Chuvakin
 
Tackle Unknown Threats with Symantec Endpoint Protection 14 Machine Learning
Tackle Unknown Threats with Symantec Endpoint Protection 14 Machine LearningTackle Unknown Threats with Symantec Endpoint Protection 14 Machine Learning
Tackle Unknown Threats with Symantec Endpoint Protection 14 Machine LearningSymantec
 
Usability vs. Security: How USP Secure Entry Server® (SES) Gives You Both – b...
Usability vs. Security: How USP Secure Entry Server® (SES) Gives You Both – b...Usability vs. Security: How USP Secure Entry Server® (SES) Gives You Both – b...
Usability vs. Security: How USP Secure Entry Server® (SES) Gives You Both – b...United Security Providers AG
 
USP SES and the Location Layer: Geolocation for adaptive Access Control and P...
USP SES and the Location Layer: Geolocation for adaptive Access Control and P...USP SES and the Location Layer: Geolocation for adaptive Access Control and P...
USP SES and the Location Layer: Geolocation for adaptive Access Control and P...United Security Providers AG
 
Using Logs for Breach Investigations and Incident Response by Dr Anton Chuvakin
Using Logs for Breach Investigations and Incident Response by Dr Anton ChuvakinUsing Logs for Breach Investigations and Incident Response by Dr Anton Chuvakin
Using Logs for Breach Investigations and Incident Response by Dr Anton ChuvakinAnton Chuvakin
 
Anton's 2020 SIEM Best and Worst Practices - in Brief
Anton's 2020 SIEM Best and Worst Practices - in BriefAnton's 2020 SIEM Best and Worst Practices - in Brief
Anton's 2020 SIEM Best and Worst Practices - in BriefAnton Chuvakin
 
SureLog intelligent response
SureLog intelligent responseSureLog intelligent response
SureLog intelligent responseErtugrul Akbas
 
Hands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Hands on Security, Disrupting the Kill Chain, SplunkLive! AustinHands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Hands on Security, Disrupting the Kill Chain, SplunkLive! AustinSplunk
 
Automated incident response
Automated incident responseAutomated incident response
Automated incident responseSiemplify
 
A successful application security program - Envision build and scale
A successful application security program - Envision build and scaleA successful application security program - Envision build and scale
A successful application security program - Envision build and scalePriyanka Aash
 
Ch08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System VulnerabilitiesCh08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System Vulnerabilitiesphanleson
 

What's hot (20)

Security Event Analysis Through Correlation
Security Event Analysis Through CorrelationSecurity Event Analysis Through Correlation
Security Event Analysis Through Correlation
 
Epas - Enterprise Password Assessment Solution
Epas - Enterprise Password Assessment SolutionEpas - Enterprise Password Assessment Solution
Epas - Enterprise Password Assessment Solution
 
SIEM Surelog Arcsight Qradar LogRhythm Alienvault Solarwinds LEM Performance...
SIEM Surelog Arcsight Qradar LogRhythm Alienvault Solarwinds LEM Performance...SIEM Surelog Arcsight Qradar LogRhythm Alienvault Solarwinds LEM Performance...
SIEM Surelog Arcsight Qradar LogRhythm Alienvault Solarwinds LEM Performance...
 
Operacionalize com alerta, dashboards customizados e linhas do tempo
Operacionalize com alerta, dashboards customizados e linhas do tempoOperacionalize com alerta, dashboards customizados e linhas do tempo
Operacionalize com alerta, dashboards customizados e linhas do tempo
 
Teri_Radichel_Top_5_Priorities_for_Cloud_Security
Teri_Radichel_Top_5_Priorities_for_Cloud_SecurityTeri_Radichel_Top_5_Priorities_for_Cloud_Security
Teri_Radichel_Top_5_Priorities_for_Cloud_Security
 
Detecting and Blocking Suspicious Internal Network Traffic
Detecting and Blocking Suspicious Internal Network Traffic Detecting and Blocking Suspicious Internal Network Traffic
Detecting and Blocking Suspicious Internal Network Traffic
 
Cybersecurity Basics for Non-Techie Startup Founders
Cybersecurity Basics for Non-Techie Startup FoundersCybersecurity Basics for Non-Techie Startup Founders
Cybersecurity Basics for Non-Techie Startup Founders
 
Making Log Data Useful: SIEM and Log Management Together
Making Log Data Useful: SIEM and Log Management TogetherMaking Log Data Useful: SIEM and Log Management Together
Making Log Data Useful: SIEM and Log Management Together
 
Cap gemini pitch
Cap gemini pitchCap gemini pitch
Cap gemini pitch
 
Tackle Unknown Threats with Symantec Endpoint Protection 14 Machine Learning
Tackle Unknown Threats with Symantec Endpoint Protection 14 Machine LearningTackle Unknown Threats with Symantec Endpoint Protection 14 Machine Learning
Tackle Unknown Threats with Symantec Endpoint Protection 14 Machine Learning
 
Usability vs. Security: How USP Secure Entry Server® (SES) Gives You Both – b...
Usability vs. Security: How USP Secure Entry Server® (SES) Gives You Both – b...Usability vs. Security: How USP Secure Entry Server® (SES) Gives You Both – b...
Usability vs. Security: How USP Secure Entry Server® (SES) Gives You Both – b...
 
USP SES and the Location Layer: Geolocation for adaptive Access Control and P...
USP SES and the Location Layer: Geolocation for adaptive Access Control and P...USP SES and the Location Layer: Geolocation for adaptive Access Control and P...
USP SES and the Location Layer: Geolocation for adaptive Access Control and P...
 
Using Logs for Breach Investigations and Incident Response by Dr Anton Chuvakin
Using Logs for Breach Investigations and Incident Response by Dr Anton ChuvakinUsing Logs for Breach Investigations and Incident Response by Dr Anton Chuvakin
Using Logs for Breach Investigations and Incident Response by Dr Anton Chuvakin
 
Anton's 2020 SIEM Best and Worst Practices - in Brief
Anton's 2020 SIEM Best and Worst Practices - in BriefAnton's 2020 SIEM Best and Worst Practices - in Brief
Anton's 2020 SIEM Best and Worst Practices - in Brief
 
SureLog intelligent response
SureLog intelligent responseSureLog intelligent response
SureLog intelligent response
 
How to expose shortcuts in competitive poc
How to expose shortcuts in competitive pocHow to expose shortcuts in competitive poc
How to expose shortcuts in competitive poc
 
Hands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Hands on Security, Disrupting the Kill Chain, SplunkLive! AustinHands on Security, Disrupting the Kill Chain, SplunkLive! Austin
Hands on Security, Disrupting the Kill Chain, SplunkLive! Austin
 
Automated incident response
Automated incident responseAutomated incident response
Automated incident response
 
A successful application security program - Envision build and scale
A successful application security program - Envision build and scaleA successful application security program - Envision build and scale
A successful application security program - Envision build and scale
 
Ch08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System VulnerabilitiesCh08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System Vulnerabilities
 

Similar to Surelog Intelligence

The future of cyber security
The future of cyber securityThe future of cyber security
The future of cyber securitySandip Juthani
 
Crypto sim_cryptolog_cryptospot_v3
Crypto sim_cryptolog_cryptospot_v3Crypto sim_cryptolog_cryptospot_v3
Crypto sim_cryptolog_cryptospot_v3Mustafa Kuğu
 
Overall Security Process Review CISC 6621Agend.docx
Overall Security Process Review CISC 6621Agend.docxOverall Security Process Review CISC 6621Agend.docx
Overall Security Process Review CISC 6621Agend.docxkarlhennesey
 
Seceon's aiXDR_ Automating Cybersecurity Threat Detection in 2023 - Seceon.pptx
Seceon's aiXDR_ Automating Cybersecurity Threat Detection in 2023 - Seceon.pptxSeceon's aiXDR_ Automating Cybersecurity Threat Detection in 2023 - Seceon.pptx
Seceon's aiXDR_ Automating Cybersecurity Threat Detection in 2023 - Seceon.pptxCompanySeceon
 
Titles with Abstracts_2023-2024_Cyber Security.pdf
Titles with Abstracts_2023-2024_Cyber Security.pdfTitles with Abstracts_2023-2024_Cyber Security.pdf
Titles with Abstracts_2023-2024_Cyber Security.pdfinfo751436
 
Top Cyber Threat Intelligence Tools in 2021.pdf
Top Cyber Threat Intelligence Tools in 2021.pdfTop Cyber Threat Intelligence Tools in 2021.pdf
Top Cyber Threat Intelligence Tools in 2021.pdfinfosec train
 
Use Exabeam Smart Timelines to improve your SOC efficiency
Use Exabeam Smart Timelines to improve your SOC efficiencyUse Exabeam Smart Timelines to improve your SOC efficiency
Use Exabeam Smart Timelines to improve your SOC efficiencyJonathanPritchard12
 
AIML-for-Network-Operations.pptx
AIML-for-Network-Operations.pptxAIML-for-Network-Operations.pptx
AIML-for-Network-Operations.pptxssuser818de4
 
CrAlSim: A Cryptography Algorithm Simulator
CrAlSim: A Cryptography Algorithm SimulatorCrAlSim: A Cryptography Algorithm Simulator
CrAlSim: A Cryptography Algorithm SimulatorIRJET Journal
 
SEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptxSEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptxAmrMousa51
 
Changing the Security Monitoring Status Quo
Changing the Security Monitoring Status QuoChanging the Security Monitoring Status Quo
Changing the Security Monitoring Status QuoEMC
 
Event mgt feb09
Event mgt feb09Event mgt feb09
Event mgt feb09pladott11
 
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORKA PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORKIRJET Journal
 
Open service risk correlation
Open service risk correlationOpen service risk correlation
Open service risk correlationfrantzyv
 
Hyperparameters optimization XGBoost for network intrusion detection using CS...
Hyperparameters optimization XGBoost for network intrusion detection using CS...Hyperparameters optimization XGBoost for network intrusion detection using CS...
Hyperparameters optimization XGBoost for network intrusion detection using CS...IAESIJAI
 

Similar to Surelog Intelligence (20)

The future of cyber security
The future of cyber securityThe future of cyber security
The future of cyber security
 
Crypto sim_cryptolog_cryptospot_v3
Crypto sim_cryptolog_cryptospot_v3Crypto sim_cryptolog_cryptospot_v3
Crypto sim_cryptolog_cryptospot_v3
 
Overall Security Process Review CISC 6621Agend.docx
Overall Security Process Review CISC 6621Agend.docxOverall Security Process Review CISC 6621Agend.docx
Overall Security Process Review CISC 6621Agend.docx
 
Seceon's aiXDR_ Automating Cybersecurity Threat Detection in 2023 - Seceon.pptx
Seceon's aiXDR_ Automating Cybersecurity Threat Detection in 2023 - Seceon.pptxSeceon's aiXDR_ Automating Cybersecurity Threat Detection in 2023 - Seceon.pptx
Seceon's aiXDR_ Automating Cybersecurity Threat Detection in 2023 - Seceon.pptx
 
Ijetr042329
Ijetr042329Ijetr042329
Ijetr042329
 
Titles with Abstracts_2023-2024_Cyber Security.pdf
Titles with Abstracts_2023-2024_Cyber Security.pdfTitles with Abstracts_2023-2024_Cyber Security.pdf
Titles with Abstracts_2023-2024_Cyber Security.pdf
 
UEBA
UEBAUEBA
UEBA
 
Correlog Overview Presentation
Correlog Overview PresentationCorrelog Overview Presentation
Correlog Overview Presentation
 
Reveelium Smart Predictive Analytics - Datasheet EN
Reveelium Smart Predictive Analytics - Datasheet ENReveelium Smart Predictive Analytics - Datasheet EN
Reveelium Smart Predictive Analytics - Datasheet EN
 
Top Cyber Threat Intelligence Tools in 2021.pdf
Top Cyber Threat Intelligence Tools in 2021.pdfTop Cyber Threat Intelligence Tools in 2021.pdf
Top Cyber Threat Intelligence Tools in 2021.pdf
 
Use Exabeam Smart Timelines to improve your SOC efficiency
Use Exabeam Smart Timelines to improve your SOC efficiencyUse Exabeam Smart Timelines to improve your SOC efficiency
Use Exabeam Smart Timelines to improve your SOC efficiency
 
Axxera ci siem
Axxera ci siemAxxera ci siem
Axxera ci siem
 
AIML-for-Network-Operations.pptx
AIML-for-Network-Operations.pptxAIML-for-Network-Operations.pptx
AIML-for-Network-Operations.pptx
 
CrAlSim: A Cryptography Algorithm Simulator
CrAlSim: A Cryptography Algorithm SimulatorCrAlSim: A Cryptography Algorithm Simulator
CrAlSim: A Cryptography Algorithm Simulator
 
SEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptxSEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptx
 
Changing the Security Monitoring Status Quo
Changing the Security Monitoring Status QuoChanging the Security Monitoring Status Quo
Changing the Security Monitoring Status Quo
 
Event mgt feb09
Event mgt feb09Event mgt feb09
Event mgt feb09
 
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORKA PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
A PHASED APPROACH TO INTRUSION DETECTION IN NETWORK
 
Open service risk correlation
Open service risk correlationOpen service risk correlation
Open service risk correlation
 
Hyperparameters optimization XGBoost for network intrusion detection using CS...
Hyperparameters optimization XGBoost for network intrusion detection using CS...Hyperparameters optimization XGBoost for network intrusion detection using CS...
Hyperparameters optimization XGBoost for network intrusion detection using CS...
 

More from Ertugrul Akbas

BDDK, SPK, TCMB, Cumhurbaşkanlığı Dijital Dönüşüm Ofisi ve ISO27001 Denetiml...
BDDK, SPK, TCMB, Cumhurbaşkanlığı Dijital Dönüşüm Ofisi ve ISO27001 Denetiml...BDDK, SPK, TCMB, Cumhurbaşkanlığı Dijital Dönüşüm Ofisi ve ISO27001 Denetiml...
BDDK, SPK, TCMB, Cumhurbaşkanlığı Dijital Dönüşüm Ofisi ve ISO27001 Denetiml...Ertugrul Akbas
 
Olay Müdahale İçin Canlı Kayıtların Saklanmasının Önemi
Olay Müdahale İçin Canlı Kayıtların Saklanmasının ÖnemiOlay Müdahale İçin Canlı Kayıtların Saklanmasının Önemi
Olay Müdahale İçin Canlı Kayıtların Saklanmasının ÖnemiErtugrul Akbas
 
SOC ve SIEM Çözümlerinde Korelasyon
SOC ve SIEM Çözümlerinde KorelasyonSOC ve SIEM Çözümlerinde Korelasyon
SOC ve SIEM Çözümlerinde KorelasyonErtugrul Akbas
 
SIEM den Maksimum Fayda Almak
SIEM den Maksimum Fayda AlmakSIEM den Maksimum Fayda Almak
SIEM den Maksimum Fayda AlmakErtugrul Akbas
 
SureLog SIEM Fast Edition Özellikleri ve Fiyatı
SureLog SIEM Fast Edition Özellikleri ve FiyatıSureLog SIEM Fast Edition Özellikleri ve Fiyatı
SureLog SIEM Fast Edition Özellikleri ve FiyatıErtugrul Akbas
 
SureLog SIEM Fast Edition
SureLog SIEM Fast EditionSureLog SIEM Fast Edition
SureLog SIEM Fast EditionErtugrul Akbas
 
SureLog SIEM Has The Best On-Line Log Retention Time (Hot Storage).
SureLog SIEM Has The Best On-Line Log Retention Time (Hot Storage).SureLog SIEM Has The Best On-Line Log Retention Time (Hot Storage).
SureLog SIEM Has The Best On-Line Log Retention Time (Hot Storage).Ertugrul Akbas
 
Detecting attacks with SureLog SIEM
Detecting attacks with SureLog SIEMDetecting attacks with SureLog SIEM
Detecting attacks with SureLog SIEMErtugrul Akbas
 
SIEM ve KVKK Teknik Tedbirlerinin ANET SureLog SIEM ile uygulanması
SIEM ve KVKK Teknik Tedbirlerinin ANET SureLog SIEM ile uygulanması SIEM ve KVKK Teknik Tedbirlerinin ANET SureLog SIEM ile uygulanması
SIEM ve KVKK Teknik Tedbirlerinin ANET SureLog SIEM ile uygulanması Ertugrul Akbas
 
KVKK Siperium Data Analyzer & Data Discovery
KVKK Siperium Data Analyzer & Data DiscoveryKVKK Siperium Data Analyzer & Data Discovery
KVKK Siperium Data Analyzer & Data DiscoveryErtugrul Akbas
 

More from Ertugrul Akbas (20)

BDDK, SPK, TCMB, Cumhurbaşkanlığı Dijital Dönüşüm Ofisi ve ISO27001 Denetiml...
BDDK, SPK, TCMB, Cumhurbaşkanlığı Dijital Dönüşüm Ofisi ve ISO27001 Denetiml...BDDK, SPK, TCMB, Cumhurbaşkanlığı Dijital Dönüşüm Ofisi ve ISO27001 Denetiml...
BDDK, SPK, TCMB, Cumhurbaşkanlığı Dijital Dönüşüm Ofisi ve ISO27001 Denetiml...
 
Olay Müdahale İçin Canlı Kayıtların Saklanmasının Önemi
Olay Müdahale İçin Canlı Kayıtların Saklanmasının ÖnemiOlay Müdahale İçin Canlı Kayıtların Saklanmasının Önemi
Olay Müdahale İçin Canlı Kayıtların Saklanmasının Önemi
 
SOC ve SIEM Çözümlerinde Korelasyon
SOC ve SIEM Çözümlerinde KorelasyonSOC ve SIEM Çözümlerinde Korelasyon
SOC ve SIEM Çözümlerinde Korelasyon
 
SIEM den Maksimum Fayda Almak
SIEM den Maksimum Fayda AlmakSIEM den Maksimum Fayda Almak
SIEM den Maksimum Fayda Almak
 
SureLog SIEM Fast Edition Özellikleri ve Fiyatı
SureLog SIEM Fast Edition Özellikleri ve FiyatıSureLog SIEM Fast Edition Özellikleri ve Fiyatı
SureLog SIEM Fast Edition Özellikleri ve Fiyatı
 
Neden SureLog?
Neden SureLog?Neden SureLog?
Neden SureLog?
 
SureLog SIEM
SureLog SIEMSureLog SIEM
SureLog SIEM
 
SureLog SIEM Fast Edition
SureLog SIEM Fast EditionSureLog SIEM Fast Edition
SureLog SIEM Fast Edition
 
SureLog SIEM
SureLog SIEMSureLog SIEM
SureLog SIEM
 
SureLog SIEM
SureLog SIEMSureLog SIEM
SureLog SIEM
 
SureLog SIEM
SureLog SIEMSureLog SIEM
SureLog SIEM
 
SureLog SIEM
SureLog SIEMSureLog SIEM
SureLog SIEM
 
SureLog SIEM
SureLog SIEMSureLog SIEM
SureLog SIEM
 
SureLog SIEM Has The Best On-Line Log Retention Time (Hot Storage).
SureLog SIEM Has The Best On-Line Log Retention Time (Hot Storage).SureLog SIEM Has The Best On-Line Log Retention Time (Hot Storage).
SureLog SIEM Has The Best On-Line Log Retention Time (Hot Storage).
 
Detecting attacks with SureLog SIEM
Detecting attacks with SureLog SIEMDetecting attacks with SureLog SIEM
Detecting attacks with SureLog SIEM
 
SureLog SIEM
SureLog SIEMSureLog SIEM
SureLog SIEM
 
KVKK
KVKKKVKK
KVKK
 
SIEM ve KVKK Teknik Tedbirlerinin ANET SureLog SIEM ile uygulanması
SIEM ve KVKK Teknik Tedbirlerinin ANET SureLog SIEM ile uygulanması SIEM ve KVKK Teknik Tedbirlerinin ANET SureLog SIEM ile uygulanması
SIEM ve KVKK Teknik Tedbirlerinin ANET SureLog SIEM ile uygulanması
 
KVKK Siperium Data Analyzer & Data Discovery
KVKK Siperium Data Analyzer & Data DiscoveryKVKK Siperium Data Analyzer & Data Discovery
KVKK Siperium Data Analyzer & Data Discovery
 
SureLog SIEM Profiler
SureLog SIEM ProfilerSureLog SIEM Profiler
SureLog SIEM Profiler
 

Recently uploaded

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 

Recently uploaded (20)

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 

Surelog Intelligence

  • 1. Intelligence in SureLog SIEM ertugrulakbas@anetusa.net SureLog is a next-generation SIEM solution with a powerful correlation engine. Its rule based correlation engine with taxonomy has a superior detection capability. Additionally, SureLog has a Machine Learning detection module. What machine learning offers is the ‘many-eyes' option. With the experienced scientist point of view SureLog has placed its bets on the combination of rule based correlation, human and machine intelligence in its most recent cybersecurity efforts, which reduces the time it takes to detect and respond to cyberattacks. A key differentiator is our unique approach to use machine learning, rule based correlation and human intelligence in parallel. SureLog was designed as a full scope tool that uses machine learning, rule based correlation algorithms and correlation framework for the security specialists to detect emerging threats. Rule Based Correlation Engine Rule-based correlation uses traditional correlation logic to analyze collected information in real time. All logs, events, and network flows are correlated together with the power of taxonomy module. Real-time event correlation is all about proactively dealing with threats. Data breaches are on the rise and hackers use highly targeted attacks to intrude upon enterprise networks and steal sensitive data. Protecting your network data from attackers involves detecting security threats at its early stage. Security investigators need to determine whether a suspicious event or chain of security events that had happened on the network is a potential security threat or not. Manually investigating events across the network from various log sources and correlating them to formulate an attack pattern will be a herculean task for the security investigators. To effortlessly identify the possible intrusions in the network, you need to have an automated effective correlation engine that gives a complete scope of any security incident by building relationships between events happening across your network infrastructure. Detection Framework SureLog SIEM is a security platform which differs from many SIEM products. The main difference is; correlation engine is rule based plus a framework which you can embed your own logic. There is no restriction in the logic because you can develop your logic in JAVA including Machine learning, statistical methods and artificial intelligence. SureLog is ready for the fallowing libraries also.  https://www.tensorflow.org  http://mahout.apache.org  https://github.com/padreati/rapaio  http://commons.apache.org/proper/commons-math/  http://math.nist.gov/javanumerics/
  • 2. As ANET, our mission is to build a software company that embraces an "open development philosophy" and provides innovative solutions in collaboration with customers specific needs. ANET is dedicated to providing the most technologically advanced, Intelligent Log Management Solution available today by enabling customers to efficiently tackle the daunting tasks involved with Log Management, while letting customers achieve compliance with the stringent government regulations. For more information pleasevisitwww.anetusa.net Behavior profiling: Automatically classifies and profiles all log and network activity by application, protocol, geography, network location, ports as well as many other categories, and tracks all related traffic statistics. Behavior analysis capabilities can be applied to all data parsed from log sources as this capability enhances rule-based correlation. Machine Learning SureLog ML module is a MLLib based Bayesian clustering algorithms to detect threats. MLlib is Spark’s machine learning (ML) library. The machine learning component of SureLog contains routines for performing suspicious connections analyses on traffic data. These analyses consume a collection of firewall events and produce a list of the events that are considered to be the least probable, and these are consider the most suspicious. SureLog infers a probabilistic model for the network behavior of each IP address. Each network log entry is assigned an estimated probability (score) by the model. The events with lower scores are flagged as “suspicious” for further analysis. SureLog unique method combining rule based correlation, machine learning and human intelligence amplifies security operations. SureLog’s scalability and machine learning capabilities support an ML-based applications that can run simultaneously to provide organizations with maximum analytic flexibility.