EVENT CORRELATION & RESPONSE SYSTEM
Visibility on complex and dynamic events
The Event Correlation provides the capability to define rules and detect threat scenarios. SGBox aggregates and analyzes log data from across your network applications, systems and devices, making it possible to discover security threats alerts or trigger automatic countermeasures using scripts or interacting with external systems via API’s.
This feature allows you to reduce the reaction time to a threat by sending a warning message.
Easily create the correlation rules
SGBox easy and intuitive GUI allows the creation of complex chained event based correlation rules in a few simple steps.
The correlation rules may be used on real time or historical data.
The countermeasure process is automated, because SGBox understands which route it should take according to the correlation rules set out above.
Quickly and Confidently
Perform efficient multi-step analysis and investigations with smart automation and visibility to quickly triage, prioritize and respond to threats.
Predefined Rules Set
It is possible to choose correlation rules from many predefined templates, constantly updated and guaranteed by the experience of our Security Engineers.
File Integrity Monitoring
Monitor file activities to protect sensitive information from theft, loss and malware. Check and view details or changes made to files and folders identifying an attack.
SGBox can engage automated response in case of threats by launching scripts or interacting with security components via API or APPs to mitigate theats.