SIEM Platform Fundamentals

Adlumin’s platform is based on three fundamental tenets: cost efficiency, ease of use, and simple integration. Using a cloud-native, serverless architecture, Adlumin can control the resource-to-performance requirements for customers, a huge cost benefit for customers. Our SIEM uses Artificial Intelligence and Machine Learning to write its own rules, so customers aren’t required to write rules for the technology to work. Lastly, deployment takes 20 minutes and doesn’t include any hardware or software integrations.

Three Components of our SIEM

Network Health and Compliance

Facilitate your compliance objectives and proactively make your network stronger before a breach occurs. Your organization will always discover threats, malfunctions, and IT operations failures in real time. Adlumin actively searches the network for compliance violations in real time, keeping you fully informed along the way.

Detection and Artificial Intelligence

Adlumin’s SIEM gives you Artificial Intelligence and Machine Learning in the form of User & Entity Behavior Analytics (UEBA) to automatically write and rewrite your SIEM rules dynamically as your network traffic changes. Every alert notification tells you why the network behavior triggered a detection.

Data Research and Log Management

Adlumin has built into the SIEM platform the ability to quickly and expertly scope a potential breach using research tools that help you visualize access for every account and system on your network. It correlates all user and account activity with every protected system on the network in one quick step.

World-Class Analytics

User & Entity Behavior Analytics

Adlumin uses proprietary Artificial Intelligence and Machine Learning algorithms to analyze account-based threats and write your SIEM rules. Compromised accounts are part of almost every financial intrusion.

  • User & Entity Behavior Analytics (UEBA): Adlumin uses proprietary UEBA data science to identify, detect, analyze, and prioritize anomalous behavior—without any input from your cybersecurity team—that will likely present a risk to your network’s security in real-time.
  • Scenario Based Threat Models: Adlumin provides scenario-based threat models to determine when an account exceeds its baseline pattern of behavior.
  • Prevent Privilege Abuse and Account Takeover: Adlumin uses Artificial Intelligence to detect known and unknown threats—specifically when determining an insider threat, account takeover, and privilege abuse or misuse.

One-Touch Compliance Reporting

FFIEC CAT and ACET Compliance

Adlumin’s reporting features are developed based on direct feedback from our customers. They can be downloaded in seconds and handed directly to financial auditors, or they can be scheduled and delivered to your inbox on a weekly, monthly, or quarterly basis.

  • FFIEC Inherent Risk and Cyber Maturity Risk Models are built completely into the platform and all questions reflect official FFIEC reports.
  • NCUA’s Automated Cybersecurity Examination Tool (ACET) is in development and will be incorporated into Adlumin’s SIEM Platform by early 2020.
  • Financial Institution Designed Reports separate Adlumin’s reporting from other SIEMs not designed for financial compliance.

Integrated Threat Intelligence in Real-Time

Threat Intelligence Portal

Adlumin’s Threat Intelligence Portal (ATIP) allows for real-time research of individual IP addresses across multiple threat data sources. Additionally, incoming device data from firewalls, VPN servers, and network security appliances is scanned using the world’s largest crowd-sourced threat intelligence platform, with more than 100,000 members across 140 countries.

  • Collaborative Defense – It enables collaborative defense with actionable, community-powered threat data.
  • Automated TIP Analysis on Network Traffic – Adlumin users will receive notifications in the form of a detection if any incoming event contains an IP address that has been deemed potentially malicious.
  • Adlumin’s Threat Intelligence Portal provides an intermediate level of FFIEC CAT Domain 2 Compliance as well.

24/7 Search for Leaked Accounts on the Deep and Dark Web

Darknet Exposure Module

Adlumin’s Darknet Exposure Module has the ability to extend defensive capabilities beyond your firewalls, endpoints, and security devices into Russian ID theft forums and the criminal underground.

  • Deep & Dark Web Leaked Account Scanning – Using data collected from both OEM partners and Adlumin, we can effectively quantify the risk associated with a specified data breach or credential leak, which helps prevent account takeovers and credential stuffing attacks.
  • Protects All Domain Accounts – For critical (Privileged Accounts) and high (Unprivileged Accounts) severity breaches, Adlumin determines when a leaked account is potentially usable on the protected network.
  • Automated Notification and Password Reset – Adlumin can initiate an automated victim notification (to include the user and security team), and force a password reset of the business domain account that was leaked.

Ready to demo?

Schedule a briefing and live demo of Adlumin’s SIEM platform and learn more about key features designed for financial institutions.