What is Assuria ALM-SIEM?
ALM-SIEM, from Assuria, is a security information and event monitoring solution (SIEM). The product provides:
Threat Intelligence Integration:
ALM-SIEM ingests Threat Intelligence feeds, automatically enriching log and event data with key intelligence from these external watchlists and threat data. ALM-SIEM also enriches the Threat Intelligence data feed with additional content, such as specific client context information, further enhancing Threat Hunting services.
Pre-Configured Security Controls:
ALM-SIEM is delivered with out-of-the-box security controls, threat use cases and alerting dashboards. Automated analytics using these built-in controls and threat intelligence feeds provides enhanced security defences, visibility of security issues and mitigation support. Compliance failures also become evident.
Secure Data Storage:
Log cataloguing, chain of custody records, archive creation and management. Essential meta data included. Fully searchable store. Archive to secure long term storage, complete with a digitally-signed manifest. Support for deep forensic investigation and re-investigation of all current and historic data.
Log Management:
Enterprise wide, agent & agentless automated log management built-in. Secure and forensically sound collection of logs and machine data from almost any source. Designed to ensures the security, continuity and integrity of all collected logs and allows alerting at the log source. Massively scalable. Resilience built-in.
File Integrity Monitoring:
ALM-SIEM includes a built-in FIM service that alerts on potentially un-authorised changes to critical assets, outside of the scope of audit logs. FIM continuously and efficiently monitors the status of identified key assets such as critical system files, configuration files, packages, critical data files, system objects etc.
Operational Dashboards:
ALM-SIEM is delivered with alerting and operational dashboards to support threat and audit reporting, security detection and response operations and analyst threat hunting services. End user and operational dashboard configurations available. Multi format hard and soft copy alerting and reporting is also available (e.g. HTML, PDF, XLS, XML and CSV)
Threat Intelligence Integration:
ALM-SIEM ingests Threat Intelligence feeds, automatically enriching log and event data with key intelligence from these external watchlists and threat data. ALM-SIEM also enriches the Threat Intelligence data feed with additional content, such as specific client context information, further enhancing Threat Hunting services.
Pre-Configured Security Controls:
ALM-SIEM is delivered with out-of-the-box security controls, threat use cases and alerting dashboards. Automated analytics using these built-in controls and threat intelligence feeds provides enhanced security defences, visibility of security issues and mitigation support. Compliance failures also become evident.
Secure Data Storage:
Log cataloguing, chain of custody records, archive creation and management. Essential meta data included. Fully searchable store. Archive to secure long term storage, complete with a digitally-signed manifest. Support for deep forensic investigation and re-investigation of all current and historic data.
Log Management:
Enterprise wide, agent & agentless automated log management built-in. Secure and forensically sound collection of logs and machine data from almost any source. Designed to ensures the security, continuity and integrity of all collected logs and allows alerting at the log source. Massively scalable. Resilience built-in.
File Integrity Monitoring:
ALM-SIEM includes a built-in FIM service that alerts on potentially un-authorised changes to critical assets, outside of the scope of audit logs. FIM continuously and efficiently monitors the status of identified key assets such as critical system files, configuration files, packages, critical data files, system objects etc.
Operational Dashboards:
ALM-SIEM is delivered with alerting and operational dashboards to support threat and audit reporting, security detection and response operations and analyst threat hunting services. End user and operational dashboard configurations available. Multi format hard and soft copy alerting and reporting is also available (e.g. HTML, PDF, XLS, XML and CSV)
Categories & Use Cases
Videos
Technical Details
| Deployment Types | SaaS |
|---|---|
| Mobile Application | No |
FAQs
What is Assuria ALM-SIEM?
Assuria headquartered in Reading, provides cyber security software solutions and managed security services for Security Operations Centres, IT Protective Monitoring services and IT Assurance services in more than 20 countries worldwide. ALM-SIEM monitors, detects and helps to respond to cyber security incidents and data protection threats. It combines Security Information & Event Management (SIEM), File Integrity Monitoring, Vulnerability Assessment and Log Management functionality in an integrated software solution.
What are Assuria ALM-SIEM's top competitors?
IBM Security QRadar SIEM, LogRhythm NextGen SIEM Platform, and Splunk Enterprise Security are common alternatives for Assuria ALM-SIEM.