Attack Identification

In the current climate, where threats are on the rise, the 6cure Event Management (6cure EM) solution is used to detect attacks targeting your critical services and analyse them in real time, using a simple philosophy: preparing the response that is most suited to the threat.

Analysis & Security Event Correlation

For this, 6cure EM collects and analyses all Information System events, and implements powerful correlation functions to identify real threats to the integrity, confidentiality and availability of your data and critical services. The alerts produced provide as much information as possible to understand ongoing attacks, locate the parties involved (sources, targets and vectors), establish the level of severity and guide the response process. The whole information-gathering, analysis and alerting process is operated in real time to improve your response time.

High-Performance Correlation and Real-Time Analysis

The 6cure EM system assembles a set of functional correlation modules that gain their power from patented algorithm logics resulting from several years of work and feedback from operational use. The flexible architecture of the correlation engine allows deployments ranging from single host to distributed, according to theperformance requirements.

The unique event correlation model provided by 6cure EM has a global performance approach: all analysis is performed in real time, improving your response time, and is configured using Web forms – no need to program the engine with a proprietary language, improving the usability of complex analysis functions and therefore your effectiveness. All analysis modules built into the tool can be activated run-time, working in parallel and collaborating to produce high-level correlation events, summarizing thousands of events and focusing the analysis on real threats, otherwise lost in the mass of raw information.

SIEM Integration

The 6cure EM correlation engine can operate autonomously, or be integrated in your own security management architecture (SIEM), providing it with improved analysis capabilities to reduce your incident investigation time, improve your response time and, overall, improve the performance of your network & service infrastructures.