Incident MiND

Your EYE to Security Incident

As the network security technology becomes more complex, different brands of security devices are emplyed to provide a more comprehensive protection to the network. Log data managment is hence becoming a vital element in managing network security, regulatory compliance and network availability in coporations nowadays. Unmanagble of different logs and events which fired from different devices located diversely, even within a site, implies an inadequate information for monitoring network activities which enhance the network vulneribility to attacks. Immediate, efficient and effectively responses to attacks can not be made either. This rising security concerns is now proceeding into both managerial and operational views in many corporations. Security Information Management (SIM) is hence an indispensable solution to satisify the urgent needs.

Security Information Management defines the process of collecting, analyzing and reporting security-relevant information. It helps in controlling the security infrastructure instead of being controlled by them. Security Event Management assists in analyzing the collected logs and events from various security devices, revealing true attacks and at the same time generating real alerts to administrators in manageable manner. The tools and workflow for the security staff to protect the organization are provided. The business continuity is hence greatly ensured.

Incident MiND

Centralized Management
Maximizes value of existing security investment by unifying security process across geographies, disparate security technologies, and network tiers. Incident MiND empowers you to manage hung amounts of security event from various security devices in a single GUI (Graphical User Interface) management console; which satisfies essential security tasks in monitoring, alerting, query, analysis, action, as well as technical and management reporting.

Customize Your Network and Visualization
Customization of network environment and security products is one of the critical issues to handle false alarms and security events. Incident MiND helps you to filter false alarms and visualize the intrusion scenario cases on your management console with prioritization; which draws your attention on the most significant security events and gets understanding in a fast way by GUI representation.

Incident Identification and Workflow Control
It connects security knowledge to action by coordinating and tracking response activities throughout the incident lifecycle helping enterprises respond quickly and effectively, thereby minimizing the business impact of information security breaches.

Event Correlation and Cross-Product Analysis
Because few standards exist today in the world of information security, security devices themselves do not adhere to common criteria when producing security event information. So, while multi-vendor firewalls and IDS / IPS may perform a similar function, their event information looks very different. Incident MiND helps in normalization and handles cross-product security alarms and event logs into single normalized dataset for correlation analysis and visualize in a single management console.

Comprehensive Report
With providing both managerial level and technical level reports; including summary charts in top attacks with daily, weekly, or monthly basis, as well as technical details information about each intrusion scenario case in graphical or log formats.

Incident MiND generates reports with whole security pictures for your network environment, instead of pieces information from individual security devices; and also, it allows for scheduling of report generation and welcome for customization of client's own report types and report formats.