Security Intelligence 2017-07-18T13:09:02+00:00

Security Intelligence

Real-time Security Monitoring & Alerting

With Logtrust´s solution you will be able to manage every aspect of your security. Use our powerful query, correlation and reporting tool, create dashboards to keep you informed in real-time about your most important information, and monitor your systems and users’ activity and more.

Logtrust provides a set of generic alerts and correlation libraries that can be activated as soon as you begin sending properly tagged logs to our application.

We have libraries for: Attack detection (on infrastructure, system, webservers and applicator servers); user and/or system activities tracking; behavioral analytics which alerts you to any change in the system’s/ user behavior; and system monitoring, etc.

Additionally, the user can define custom alerts based on the searches they’re generating within the application; these alerts can be of two kinds:

  • Alerts that are generated for each detected event
  • Alerts that are generated when a given amount of events occur during a given period of time.

All the alerts are delivered in real-time (when triggered) via your chosen mechanism (email, sms, Jira, Service Desk, Pushover, PagerDuty, Logtrust mobile application and/or Logtrust web application). You can also set delivery policies, such as defining a user or group of users that will receive an alert or group of alerts, or set a specific time when you wish an alert to be delivered (or times when you don’t want to receive alerts), and set repetition periods for alerts etc.

Logtrust also provides an alert management application that allows the customer to see their alerts in detail and filter them by type, date, open/closed…; access a fully administrative dashboard containing a histogram, pie charts and timeline; mark the alerts as open or closed and add comments and/or define tasks for each alert.

Pinpoint and diagnose issues:

Besides helping with the proactive detection of any issue thanks to our security alerts, Logtrust also helps you to identify its source and cause.

The Logtrust geo-location system allows you to identify the IP and location of an attack, and when the issue is internal you can also identify the machine and user that generated the problem. With the Logtrust powerful correlation engine you can find out what caused the problem, when it happened and why.

Forensic analytics:

Logtrust provides an external location for your system to safely store its information. If you’re subject to an attack and/or intrusion, the attacker will probably try to cover their tracks; the Logtrust system ensures that nothing will be able to cover up what occurred in your logs.

By combining the information from every system involved, you will be able to generate a timeline for the incident in question, draw everything that happened and detail how the intrusion occurred and where it took place.

Logtrust doesn’t have limitations on the size of information, it allows you to analyze years of data retention and petabytes of information in real-time, so that, when necessary you’ll be able to run correlation and analyze past information, run behavioral analytics and easily comply with security audits.

With Logtrust´s solution you will be able to manage every aspect of your security. Use our powerful query, correlation and reporting tool, create dashboards to keep you informed in real-time about your most important information, and monitor your systems and users’ activity and more.

  • Preventive security
  • Pinpoint and diagnose issues
  • Forensic analytics
  • Chief Security Officers
  • Security Administrators
  • System Administrators
  • Chief Compliance Officers
  • Chief Information Officers
  • Chief Technology Officers
  • IPs
  • Firewalls
  • Routers
  • Servers
  • Proxys
  • Webservers