Security Information and Event Management

VNCS Global > Security Information and Event Management

VSIEM (Information Security and Event Management Solution) is a network security monitoring system designed for the purpose of collecting and analyzing logs, security events from endpoints and stored centrally. SIEM system allows centralized analysis and reporting of network security events of the organization, detecting unauthorized impact events on the system through correlation laws to help detect attacks that cannot be detected by conventional solutions such as IDS / IPS, Firewall,…

This is considered a comprehensive information security solution to effectively support agencies to manage and ensure the security of information technology infrastructure, in order to detect, warn and respond to cyber attacks.

VSIEM MEETS THE POSSIBILITY

Basic security monitoring: collecting, standardizing, correlating and analyzing logs.
Notifications and alerts: tailored to alert security analysts when policies are breached or threats have been identified.
Advanced threat detection: smart feed integration that provides data on current threats that VSIEM uses to identify threats.
Incident Investigation & Response: the ability to store logs so that when a breach or incident occurs, the IR team and digital forensic investigators have the ability to perform a root cause analysis.
Security incident detection: alerts security teams to anomalies or policy violations in an automated manner with clear information.
Compliance with security policies: VSIEM demonstrates compliance with security policies by providing checks and reports related to login data, user information, IP address information, and data flows.

TECHNOLOGY STRENGTHS

  • Inverse Index: Data indexing technology, helping to query big data at lightning speed.
  • Distributed Database: Distributed database, high-performance storage solution, availability, load balancing, and data maintenance capabilities.
  • MessagePack: Data exchange format. The application of MessagePack technology in the data transport protocol helps to reduce the size on the transmission line, increasing the speed of data forwarding.
  • VQuery: A set of languages and data query technologies developed exclusively by VNCS Global team. VQuery supports event querying, data analysis aggregation, and representation in the form of appropriate charts.
  • Visualization Dashboard: A data visualization tool that provides users with an overview from which to make faster and more accurate decisions.

VSIEM FEATURES

Monitoring Information Security Event: Collect, normalize and analyze information security event for detecting security incidents or digital forensic when incidents occur.

Detecting Security Incidents: Automatically alert about unusual behavior or policy violation with detail information. Help administrator to investigate quickly

Visualize Information Security Events: Provide dashboards can show the search results in the form of charts and reports help administrators get an overview of the information security situation of IT

Real-time Alerting: Immediate alerting when an security incident occur help administrators quickly identify the situation and provide timely incident response

Incident Investigation & Response: All data have been enriched, parsed and normalized help administrators easily find out the cause of security incidents and draw conclusions

Integration Capabilities: Easy intergration to get or push data to third-party platforms via API, send alerts through different channels such as Zalo, Telegram,…

With the desire to protect organizations and businesses against increasingly dangerous cyberattacks, VSIEM converges all the superior, friendly and reliable features for a new generation information security event handling system. With the knowledge, experience and enthusiasm of VNCS Global’s research/development team, VSIEM solutions promise breakthrough potentials and sustainable values, becoming pioneering, innovative and outstanding products for the 4.0 revolution in Vietnam.

VSIEM is continuously improved to increase the level of automation and aims to be a comprehensive, highly reliable information security product, overcoming the shortage of human resources. VSIEM is an information security product of Vietnamese people, with the learning of advanced technologies in the world, improved to suit the needs of small and medium organizations in Vietnam. The solution is currently used by some Vietnamese units and in the near future will be distributed in Japan and some countries in the region.