Elysium Analytics, an enterprise cybersecurity solutions provider, has launched a Cognitive security information and event management (SIEM) platform for security operations centers (SOCs).
Cognitive SIEM offers real-time identification of anomalous behavior from compromised users, devices, applications, servers, data and IP addresses. That way, SOCs can use Cognitive SIEM to speed up threat identification and remediation.
How Does Cognitive SIEM Work?
Cognitive SIEM leverages user entity behavior analytics (UEBA) and machine learning to stream data and deliver contextual threat behavior analysis. By doing so, Cognitive SIEM delivers machine learning-based integrated threat hunting and threat detection workflows.
Furthermore, Cognitive SIEM offers threat prioritization with risk-based scoring for users and entities across an organization. It also uses an open data model that enables SOCs to analyze information and baseline users and entities.
Cognitive SIEM is now available via hybrid, private and public cloud or fully configured on-premises appliance, and it can be used on its own or in conjunction with various SIEM systems.
What Does Cognitive SIEM Mean for Elysium?
Cognitive SIEM could help Elysium capitalize on the increasing demand for SIEM tools among cybersecurity professionals.
SIEM tools often help organizations identify cyber threats and reduce security breaches, according to a recent survey of cybersecurity professionals conducted by unified protection and threat management solutions provider AlienVault.
Also, the AlienVault survey revealed 40 percent of cybersecurity professionals expect their SIEM technology budgets to increase over the next 12 months by an average of 20 percent.
Netsurion Offers Combined EDR-SIEM Managed Security Service
In addition to Elysium's Cognitive SIEM launch, MSSP Netsurion this week unveiled EventTracker EDR, a managed security service that offers both endpoint detection and response (EDR) and SIEM capabilities.
EventTracker EDR uses network machine learning and process monitoring functions to protect organizations against both known malware and unknown or zero-day attacks. It is expected to be generally available next month.