Enhanced rules in Defensys SIEM

13/11/2024


The number of cyber threats is increasing rapidly. Every year, new malware and hacker groups emerge that can undermine the continuity of companies’ business processes. To protect themselves, organizations need reliable tools that can help them withstand today’s cyber threats; one of them is the Defensys SIEM.

The Defensys analyst team pays considerable attention to developing in-house expertise packages, focusing on the quality, relevance and timeliness of rules in the Defensys SIEM. A special feature of the technology is the convenience and flexibility of working with collected events: the solution provides a multifunctional set of tools for creating, testing and operating rules for detecting attacks and threats.

Defensys takes into account the needs of customers, so the product can be easily adapted to work with various event sources, including information security tools from well-known vendors, operating systems, and others. The wide range of systems supported by the Defensys SIEM lets users quickly configure sources and subsequent event collection, so that they can promptly identify threats and develop effective measures to eliminate them.

The Defensys SIEM is a modern technology for ensuring companies’ information security. It allows users to quickly and accurately identify threats, as well as to develop measures to prevent them. Thanks to its versatility and flexibility, the Defensys SIEM can be used in various industries and companies, regardless of their size and scope of activity.

“Before creating detection rules, analyst teams perform a detailed analysis of recent attack tools and mechanisms. This enables the most accurate and complete identification of markers that are subsequently used for rule creation. When preparing rules, the team of experts focuses on rule testing and validation in real infrastructures, which makes it possible to significantly reduce the number of false positives. The coordinated work of Defensys experts helps customers to receive up-to-date expertise packages in a timely manner. At the moment, the rules supplied in expertise packages cover the majority of MITRE ATT&CK techniques and tactics,” commented Andrey Chechetkin, Defensys CEO.