Security Information and Event Management (SIEM)

SAVANTURE’s SIEM was built from the ground up with scalability, performance, and intelligence in mind. Based on the carrier-class architecture of SAVANTURE’s SAGE Analytics Platform™, SAVANTURE’s SIEM is a modular Managed Security Services platform which enables the collection and analysis of data from cloud, mobile, virtual and customer-premise-based assets and applications. The base system configuration consists of four components: a secure data collection system named Sentinel, the gateway, a distributed storage architecture leveraging a combination of database and Big Data technologies, and PredictiveView™, the secure management portal.

In contrast to some competing products that store event information in a general-purpose database, our unique combination of Big Data technology and a purpose-designed database schema was built from the ground up to handle extremely large volumes of event data. The result: an 18,000 percent gain in performance under load when compared to conventional databases. With our high-performance hybrid Big Data and database approach, our cost structure and performance are unsurpassed.

Because of our performance capabilities, when it comes to the critical task of event correlation our results get even better. Through years of real-world security experience, we’ve developed and implemented an unsurpassed inventory of:

    • detection algorithms that identify real anomalies
    • baselining on an application type at a service, IP pair, port and payload level
    • adaptive logic that monitors for rare occurrences of activities and low-frequency penetration attempts
    • automated correlation that integrates health and vulnerability data

SAVANTURE Security Services

SAVANTURE’s Cloud Based Security Services Providing Continuous Monitoring in a SaaS, MSS, MSSP model.

All of this, and more, allows for more accurate alerting on real security events and escalating threats, thus minimizing false positives. With many customers already using SIEM and MSSP services, we have seen a 100X greater “confirmed kill rate” and a 10X reduction in unnecessary alerts. Our pinpoint accuracy and rapid threat detection provide a level of protection in the marketplace like no other service.

Over a decade of real-world experience makes SAVANTURE’s SIEM Solution for corporate and enterprise networks the most usable SIEM in the industry. Our intuitive user interface and advanced event correlation capabilities help protect valuable network and computing resources without adding staff. Protecting your data and providing continuous information assurance is what we live for 24×7.

Built from the ground up with scalability, performance, and intelligence in mind, our capabilities include:

  • Pinpoint accuracy and rapid threat detection that helps customers identify and isolate security breaches as they happen
  • Hybrid Big Data and database architecture that provides unprecedented scale and performance benefits
  • An integrated trouble ticket system that allows us to store complex data and troubleshooting structures and present them in an easy to understand interface, as well as easily integrate the data into your workflow and ticketing system
  • End-to-end secure, reliable log and data handling. The event handling technology is engineered to handle extreme fluctuations in large volumes of firewall and IDS event information, protecting the integrity of the logs from collection to analysis and beyond
  • Extensive reporting capabilities with over 200 out of the box reporting modules and countless customer configurable customizations

Benefits

What really matters to you? Receiving the highest degree of security at the lowest total cost with the best features. We get it. We can help.

Features

Low false positives, high degree of accuracy, relevant to what’s important specific to you and your company, and ease of use. We understand. We can help.

Case Studies

How does this apply to my real-world environment? We’ve helped others and here are a few examples. Here you go. We can help.

White Papers

There are so many variables, I’m just not sure what to ask. Don’t be afraid to call and ask, but in case you want to read a little more, click to get more information. We can help.

SAVANTURE’s SIEM

SAVANTURE’s SIEM was built from the ground up with scalability, performance, and intelligence in mind. Based on the carrier-class architecture of SAVANTURE’s PredictiveView Analytics Platform™, SAVANTURE’s SIEM is a modular Managed Security Services Platform which enables the collection and analysis of data from both cloud-based and customer-premise-based assets and applications. The base system configuration consists of four components: a secure data collection system named Sentinel, the gateway, a distributed storage architecture leveraging a combination of database and Big Data technologies, and the secure management portal. For small installations, these can be installed as software modules on a single high-performance server or delivered entirely from the cloud. Customers with mid-sized networks can run these on blade server systems or VMware virtual machines. For very large carrier and enterprise installations, our system features Infinite Horizontal Scalability™, the ability to add system capacity and resiliency simply by installing additional servers in parallel.

SAVANTURE is able to provide higher value, lower costs and a set of world-class products and services by leveraging our global team of subject matter experts and geographically localized leadership, each with decades of information risk management experience.

Product and Services Overview

While our customers benefit from the added “human experience and knowledge” within each product in our suite of services, we have taken a much more aggressive approach in integrating a senior security leader into our flagship solution, Genesis5.

  • The Genesis5 Managed Security Services Solution

    Seamless integration of best practices with technology … Leverage best practices for policy and rule creation, with the support of a virtual team of experts and an industry veteran interface assisting you, combined with the technology integration of SIEM, LMS, VMS and 2FA that is Genesis5. How do you catch Advanced Persistent Threats? How about the kids huddled in a garage down the road? You know it’s not just great technology. You know it’s not just great people. And you certainly know it’s not about meeting regulatory requirements and having a governance program in place. It’s about intelligence on a global scale of what’s happening, what’s likely to happen, where great people are supported by excellent technology and proper programs to support compliance and governance with a clear prioritized plan of execution supported by experienced individuals. We are Savanture. We can help. Genesis5 is the solution that makes it all come together.

    The foundational cores of our solutions, including Genesis5, are delivered through the following product packages, which can be purchased individually, combined or as an integrated suite:

VERTICAL MARKET APPROACH

We further customize this based on the vertical market in which you operate. Each industry not only has specific Governance, Regulatory and Compliance requirements, but often has specific technologies that must be integrated into and considered in the overall defensive plan, policies, and risk approach. We work actively with each customer to create the optimal solutions to meet their needs. We have solution packages that provide specific approaches for each of the following industry segments:

CARRIER CLASS PLATFORM RELIABILITY

At the heart of our security service is our Security Intelligence and Operations Centers (SIOC), a state-of-the-art facility staffed with a team of engineers, analysts and technicians hand-picked for their network and security management expertise.

Common Platform Characteristics
To provide the highest level of availability and reliability, this facility features the latest advances in building security, surveillance, network redundancy, and power generation and backup. The SAVANTURE SIOCs operate on a continuous 24x7x365 schedule.

Mission critical systems protection and redundancy capabilities include:

  • We follow the same advice we provide our largest enterprise clients when it comes to protecting our own infrastructure:
    • Dual facility and system redundancy
    • 24×7 monitoring of all key network components and servers, including firewalls, intrusion detection systems, routers, VPNs, and more
    • Full logging of all systems
    • Continuous network vulnerability scanning
    • Integrated multi-tier authentication across the platform
    • Quarterly penetration test
    • Infinite Horizontal Scalability to allow us to dynamically add system capacity as more customers and devices leverage our services
    • SSAE 16, previously SAS 70, facilities certification

Contact Sales and we can answer any questions or get you started now.

Learn about our company, read what media and analysts have to say about SAVANTURE, or find open positions and become part of our team.
We are here to earn your trust, and your business.

  • SAVANTURE Services are best in class and provide the most optimal cost performance solution in the marketplace allowing you to focus on your business
  • Best in class offerings allow us to protect your revenue, reputation and regulatory compliance better than any other solution in the marketplace
  • Flexibility in deployment methods allows a low-cost entry option, while breadth of services allows you to increase your protection logically over time as threats change and regulatory requirements evolve
  • SAVANTURE allows you to leverage best in class or take advantage of SAVANTURE’s Genesis5
  • Ease of deployment and ease of use while always being cost-effective, reliable, and secure
CONTACT US and we can answer any questions or get you started now.

  • Security Information and Event Management (SIEM)

    Real-time analysis and alerting through automated analysis and correlation of event logs, combined with ongoing per-customer reviews and analysis and integration with vulnerability scans, new vulnerability threat data, trends, and third-party intelligence sources, creates the most accurate SIEM in the industry. Unlike any other cloud SIEM, we don’t leave it to you to tune; we do that for you, and it’s included in each Managed SIEM In the Cloud package we provide. We support this through advanced features rarely found in other SIEMs.

  • Log Management Service

    Regulatory requirements, forensics, and best practices drive the requirement to retain system and application logs from 1 year to over 7 years. The secret sauce to our success with LMS? Listen to our customers, provide ease of search, and provide reporting that allows for logical deciphering of useful business intelligence from the millions of reference logs. While LMS is not intended to be a real-time SIEM, it does also provide some lite features for analysis, alerting and of course reporting. Our LMS is not built on database technology but on a true Big Data platform that provides enhanced search and reporting capabilities like a database, with better performance, cost economies, and a scalable data structure.

  • Vulnerability Management Service

    Scan your assets for vulnerabilities regularly and on demand when new vulnerabilities arise, new assets are added, or to validate fixes. VMS is a cloud-based suite of security and compliance solutions that automatically interrogates your network devices, servers and applications, whether Internet perimeter systems or your internal computers. With SAVANTURE’s VMS, you can discover where you have vulnerabilities and weaknesses – and we prioritize the necessary fixes and changes so critical risk issues can be deterred fast before they are exploited. VMS helps you address compliance mandates such as NIST/Government, PCI, HIPAA, FISMA and others that require you to audit devices and applications on a periodic basis and fix any high-priority and critical vulnerabilities, as well as configuration violations. VMS is delivered as a stand-alone product or can be integrated into SIEM.

  • Authentication and Two-Factor Authentication

    Unique to the industry, we provide our SIEM module with most Two-Factor Authentication (2FA) deployments. Why? Because 2FA can be deployed to validate only particular applications and user roles (i.e. Administrators), we as an industry must assume that someone could make a configuration error when implementing the service on a server, device or application. With that understanding, you should actively collect and compare authentication records from each destination system or application with the authentication logs from the 2FA solution … we do that. If there is a discrepancy, we alert you as a high-priority event. Meet regulatory requirements and provide an easy-to-use, easy-to-implement second factor of authentication for your remote user access (such as VPN) to critical systems.

  • Consulting and Professional Services

    Sometimes you need help.
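
The reconciliation described under Authentication and Two-Factor Authentication above, sketched as an added example (not SAVANTURE's code): each successful login recorded by a destination system must be preceded by a 2FA approval for the same user, otherwise it is flagged as high priority. The record fields, sample data and 60-second window are assumptions made for illustration.

```python
from bisect import bisect_left
from datetime import datetime, timedelta

# Constructed sample records (not real logs); field names are assumptions.
MFA_LOG = [  # events recorded by the 2FA service
    {"user": "alice", "time": "2024-05-01T09:00:02", "result": "success"},
    {"user": "bob",   "time": "2024-05-01T09:10:00", "result": "failure"},
    {"user": "carol", "time": "2024-05-01T08:00:00", "result": "success"},
]
DEST_LOG = [  # successful logins recorded by the protected systems themselves
    {"user": "alice", "host": "vpn01", "time": "2024-05-01T09:00:05"},
    {"user": "bob",   "host": "db01",  "time": "2024-05-01T09:10:03"},
    {"user": "carol", "host": "vpn01", "time": "2024-05-01T09:30:00"},
    {"user": "dave",  "host": "app02", "time": "2024-05-01T09:45:00"},
]

def _ts(value):
    return datetime.fromisoformat(value)

def find_unverified_logins(dest_events, mfa_events, window_seconds=60):
    """Return destination logins that have no successful 2FA approval for
    the same user within window_seconds before the login."""
    approvals = {}
    for ev in mfa_events:
        if ev["result"] == "success":
            approvals.setdefault(ev["user"], []).append(_ts(ev["time"]))
    for times in approvals.values():
        times.sort()

    window = timedelta(seconds=window_seconds)
    alerts = []
    for ev in dest_events:
        login = _ts(ev["time"])
        times = approvals.get(ev["user"], [])
        # Earliest approval at or after (login - window); it must not be
        # later than the login itself to count as covering it.
        i = bisect_left(times, login - window)
        if i == len(times) or times[i] > login:
            alerts.append({**ev, "priority": "high"})
    return alerts

if __name__ == "__main__":
    for alert in find_unverified_logins(DEST_LOG, MFA_LOG):
        print(alert)
```

With the sample data, bob (failed 2FA but logged in), carol (stale approval) and dave (no 2FA record at all) are flagged; each is the kind of discrepancy a misconfigured integration would produce.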