Defensys SIEM 1.6: distributed correlator for performance optimization

29/10/2024

Defensys SIEM 1.6: distributed correlator for performance optimization

Defensys, the developer of cybersecurity solutions, continues to keep Defensys SIEM development at a high pace and is ready to announce the release of the new version 1.6. The version includes improvements of correlation rules handling, as well as enhanced scalability, additional control, and user management.

A new module of distributed correlator available while setting up a collector has been added to the Defensys SIEM 1.6. Now resources of several nodes in a cluster can be used for synchronized events handling. Thanks to this correlation resources can be horizontally scaled with available physical machines for numerous events handling saving the cost of large configurations.

The Defensys team has paid particular attention to companies with huge infrastructures for whom a flexible role model is extremely important. Therefore, the developers have implemented the multitenancy in the new version, thanks to which it’s possible to centrally manage one solution to protect several organization’s branches or different organizations within one interface.

The developer has also provided a flexible restrictions system through permission groups and roles, this includes the ability to distribute access roles and create user groups with absolutely unique permissions. Accordingly, the password policy sets requirements for the passwords’ strength and use for personal accounts, which increases the security of the system.

In addition, the Defensys SIEM now has the snippet functionality to manage function templates that are used when developing correlation and normalization rules. For example, if a code fragment should be used in several programs, it can be saved as a snippet, then applying this snippet users can add it to the necessary code parts in programs.

 “At Defensys we develop technologies based on customer feedback. We are constantly improving our products, adding new features and making them more user-friendly. These improvements respond to a key customer demand for system scalability and control. And the distributed correlation functionality opens up new opportunities for our customers.“ - 
commented Andrey Chechetkin, Defensys CEO.