SIEM Features
Learn about our platform’s key features, which are designed to monitor, detect, and respond to cyberattacks before they impact your organization.
Platform Fundamentals
Adlumin’s platform is based on three fundamental tenants including cost efficiency, ease-of-use, and simple integration. Using a cloud native, server-less architecture, Adlumin can control the resource-to-performance requirements for customers—a huge cost benefit for customers. Our SIEM uses Artificial Intelligence and Machine Learning to write its own rules, so customers aren’t required to for the technology to work. Lastly, deployment takes less than 90 minutes, and doesn’t include any hardware or software integrations.
Three SIEM Components
Network Health and Compliance
Facilitate your compliance objectives and proactively make your network stronger before a breach occurs. Your organization will always discover threats, malfunctions, and IT operations failures in real-time. Adlumin actively searches the network for compliance violations in real-time, keeping you fully informed along the way.
Detection and Artificial Intelligence
Adlumin’s SIEM gives you Artificial Intelligence and Machine Learning in the form of User & Entity Behavior Analytics (UEBA) to automatically write, and re-write your SIEM rules dynamically as your network traffic changes. You will always be notified in every alert notification about why network behavior triggers a detection.
Data Research and Log Management
Adlumin has built into the SIEM platform the ability to quickly and expertly scope a potential breach using research tools that will help you visualize access for every account and system on your network. Correlates all user and account activity with the every protected system on the network in one quick step.
Three SIEM Components
Network Health and Compliance
Facilitate your compliance objectives and proactively make your network stronger before a breach occurs. Your organization will always discover threats, malfunctions, and IT operations failures in real-time. Adlumin actively searches the network for compliance violations in real-time, keeping you fully informed along the way.
Detection and Artificial Intelligence
Adlumin’s SIEM gives you Artificial Intelligence and Machine Learning in the form of User & Entity Behavior Analytics (UEBA) to automatically write, and re-write your SIEM rules dynamically as your network traffic changes. You will always be notified in every alert notification about why network behavior triggers a detection.
Data Research and Log Management
Adlumin has built into the SIEM platform the ability to quickly and expertly scope a potential breach using research tools that will help you visualize access for every account and system on your network. Correlates all user and account activity with the every protected system on the network in one quick step.
World-Class Analytics
User & Entity Behavior Analytics
Adlumin uses proprietary Artificial Intelligence and Machine Learning algorithms to analyze account-based threats and write your SIEM rules. Compromised accounts are part of almost every financial intrusion.
- User & Entity Behavior Analytics (UEBA): Adlumin uses proprietary UEBA data science to identify, detect, analyze, and prioritize anomalous behavior—without any input from your cybersecurity team—that will likely present a risk to your network’s security in real-time.
- Scenario Based Threat Models: Adlumin provides scenario-based threat models to determine when an account exceeds its baseline pattern of behavior.
- Prevent Privilege Abuse and Account Takeover: Adlumin uses Artificial Intelligence to detect known and unknown threats—specifically when determining an insider threat, account takeover, and privilege abuse or misuse.
World-Class Analytics
User & Entity Behavior Analytics
Adlumin uses proprietary Artificial Intelligence and Machine Learning algorithms to analyze account-based threats and write your SIEM rules. Compromised accounts are part of almost every financial intrusion.
- User & Entity Behavior Analytics (UEBA): Adlumin uses proprietary UEBA data science to identify, detect, analyze, and prioritize anomalous behavior—without any input from your cybersecurity team—that will likely present a risk to your network’s security in real-time.
- Scenario Based Threat Models: Adlumin provides scenario-based threat models to determine when an account exceeds its baseline pattern of behavior.
- Prevent Privilege Abuse and Account Takeover: Adlumin uses Artificial Intelligence to detect known and unknown threats—specifically when determining an insider threat, account takeover, and privilege abuse or misuse.
One-Touch Compliance Reporting
FFIEC CAT and NCUA ACET Compliance
Adlumin’s reporting features are developed based on direct feedback from our customers. They can be downloaded in seconds and handed directly to financial auditors, or they can be scheduled and delivered to your inbox on a weekly, monthly, or quarterly basis.
- FFIEC Inherent Risk and Cyber Maturity Risk Models are built completely into the platform and all questions reflect official FFIEC reports.
- NCUA’s Automated Cybersecurity Examination Tool (ACET) assess the cybersecurity maturity of an organization and prepares them for the NCUA’s cyber examination requirements.
- Financial Institution Designed Reports separate Adlumin’s reporting from other SIEMs not designed for the financial compliance.
One-Touch Compliance Reporting
FFIEC CAT and NCUA ACET Compliance
Adlumin’s reporting features are developed based on direct feedback from our customers. They can be downloaded in seconds and handed directly to financial auditors, or they can be scheduled and delivered to your inbox on a weekly, monthly, or quarterly basis.
- FFIEC Inherent Risk and Cyber Maturity Risk Models are built completely into the platform and all questions reflect official FFIEC reports.
- NCUA’s Automated Cybersecurity Examination Tool (ACET) assess the cybersecurity maturity of an organization and prepares them for the NCUA’s cyber examination requirements.
- Financial Institution Designed Reports separate Adlumin’s reporting from other SIEMs not designed for the financial compliance.
Integrated Threat Intelligence in Real-Time
Threat Intelligence Portal
Adlumin’s Threat Intelligence Portal (ATIP) allows for real-time search of individual IP addresses across multiple threat data sources. Additionally, incoming device data from firewalls, VPN servers, and network security appliances is scanned using the world’s largest crowd-sourced threat intelligence platform, with more than 100,000 members across 140 countries.
- Collaborative Defense: It enables collaborative defense with actionable, community-powered threat data.
- Automated TIP Analysis on Network Traffic: Adlumin users will receive notifications in the form of a detection if any incoming event contains an IP address that has been deemed potentially malicious.
- Adlumin’s Threat Intelligence Portal provides an intermediate level of FFIEC CAT Domain 2 Compliance as well.
Integrated Threat Intelligence in Real-Time
Threat Intelligence Portal
Adlumin’s Threat Intelligence Portal (ATIP) allows for real-time search of individual IP addresses across multiple threat data sources. Additionally, incoming device data from firewalls, VPN servers, and network security appliances is scanned using the world’s largest crowd-sourced threat intelligence platform, with more than 100,000 members across 140 countries.
- Collaborative Defense: It enables collaborative defense with actionable, community-powered threat data.
- Automated TIP Analysis on Network Traffic: Adlumin users will receive notifications in the form of a detection if any incoming event contains an IP address that has been deemed potentially malicious.
- Adlumin’s Threat Intelligence Portal provides an intermediate level of FFIEC CAT Domain 2 Compliance as well.
24/7 Search for Leaked Accounts on the Deep and Dark Web
Darknet Exposure Module
Adlumin’s Darknet Exposure Module has the ability to extend defensive capabilities beyond your firewalls, endpoints, and security devices into Russian ID theft forums and the criminal underground.
- Deep & Dark Web Leaked Account Scanning: Using data collected from both OEM partners and Adlumin, we can make effective quantification of risk associated with a specified data breach or credential leak, which helps prevents account take overs and credential stuffing attacks.
- Protects All Domain Accounts: For critical (Privileged Accounts) and high (Unprivileged Accounts) severity breaches, Adlumin determines when a leaked account is potentially useable on the protected network.
- Automated Notification and Password Reset: Adlumin can initiate an automated victim notification (to include the user and security team), and force a password reset of the business domain account that was leaked.
24/7 Search for Leaked Accounts on the Deep and Dark Web
Darknet Exposure Module
Adlumin’s Darknet Exposure Module has the ability to extend defensive capabilities beyond your firewalls, endpoints, and security devices into Russian ID theft forums and the criminal underground.
- Deep & Dark Web Leaked Account Scanning: Using data collected from both OEM partners and Adlumin, we can make effective quantification of risk associated with a specified data breach or credential leak, which helps prevents account take overs and credential stuffing attacks.
- Protects All Domain Accounts: For critical (Privileged Accounts) and high (Unprivileged Accounts) severity breaches, Adlumin determines when a leaked account is potentially useable on the protected network.
- Automated Notification and Password Reset: Adlumin can initiate an automated victim notification (to include the user and security team), and force a password reset of the business domain account that was leaked.
Managed Compliance, Detection, and Response
OVERWATCH
OVERWATCH is our 24/7 Security Operations Center (SOC) service, which quickly enhances your organization’s threat detection and response times by continuously scanning your network and host for vulnerabilities.
- Professional quarterly vulnerability network and host scans with reports for a clear and global view of the entire risk landscape (e.g. outdated software, weak passwords, dangerous open ports, missing patches, etc.).
- Real-time monitoring, detection, and response to potential intrusions through historical trending on security-relevant data sources.
- Single point-of-contact for your OVERWATCH 24/7 SOC service.
- Learn more about our 24/7 SOC Service here.
Managed Compliance, Detection, and Response
OVERWATCH
OVERWATCH is our 24/7 Security Operations Center (SOC) service, which quickly enhances your organization’s threat detection and response times by continuously scanning your network and host for vulnerabilities.
- Professional quarterly vulnerability network and host scans with reports for a clear and global view of the entire risk landscape (e.g. outdated software, weak passwords, dangerous open ports, missing patches, etc.).
- Real-time monitoring, detection, and response to potential intrusions through historical trending on security-relevant data sources.
- Single point-of-contact for your OVERWATCH 24/7 SOC service.
- Learn more about our 24/7 SOC Service here.
Ready to demo?
Schedule a briefing and live demo of Adlumin’s SIEM platform and learn more about key features designed for financial institutions.
© 2020 Adlumin Inc. – All Rights Reserved