Modular and Customizable Solution
SGBox is a Next Generation SIEM & SOAR platform developed for cybersecurity control and management. Its modular and distributed architecture allows its use to be adapted to different business needs.
The SGBox platform consists of 3 macro-areas, within which the different modules are developed. The modules operate in a synergistic way, exchanging the collected information and integrating the functionalities.
SGBox Log Management
The Log Management module is at the heart of the solution. These modules allow you to track any security event to identify a potential risk, so you can quickly analyze and resolve the problem.
The Security Information and Event Management (SIEM) module adds correlation of events generated by multiple security systems and devices, to promptly identify a potential threat and reduce reaction time.
With the orchestration feature, the platform automatically chooses how to intervene based on the collected information and predefined parameters.
Different possibilities of deployment
SGBox can be deployed in the cloud, in an organization's own datacenter, in a multi-tenant version and as SaaS.
Whether you need complete control of your SGBox solution in your infrastructure or simply want a solution with no infrastructure to manage, we offer the flexibility you need.
Each option unlocks all benefits and features. As a result, time-to-value is significantly reduced.
Cyber Security Framework: SGBox approach
The Cyber Security Framework represents the set of processes and technologies to define your company’s security posture and improve IT risk management.
SGBox’s approach to cybersecurity management involves the integration of predictive, preventive and proactive security. In the face of the increasing frequency and complexity of attacks, it is critical to act promptly to detect an attack before it occurs.
Predictive Security is developed through Threat Intelligence activity, and consists of the collection and analysis of data to identify potential or actual threats to the IT infrastructure in advance. SGBox uses Threat Intelligence Feeds, continuous streams of information from different sources, to identify potential threats and associate them with Indicators of Compromise (IoC) such as anomalous activities, malicious domains and IP addresses.
Preventive Security acts through technological, human and process risk analysis. These activities fall within legislative obligations and international best practice. The activities refer to penetration testing, vulnerability assessment, phishing attack simulation, training, and CIS, NIST, ISO27001 and GDPR assessment.
Proactive Security enables the adoption of approaches related to security by detection and security by reaction. Through the adoption of a dedicated Security Operation Center (SOC) team, you can monitor, identify, analyze, manage and block any existing threats within the company. The incident response management component ensures the correct management of business incidents through the use of specialized and competent teams.