The normalization of events allows one to unambiguously interpret events in a single taxonomy format. Fields and their values are brought to the same format and types.
Active scanning and passive scanning in real time allow timely detection of threats and alerting the operator. The built-in offline vulnerability database provides operators with complete information, sufficient for analysis.
Analytics allows you to detect threats without necessarily creating correlation rules for each case. The AI (artificial intelligence) and DL (data learning) mechanisms applied are complex and multifaceted, but are governed by user rules.
Long-term storage of events
Long-term storage of events for statistical evaluation, investigation of incidents, and compliance with standards and regulatory requirements.
Real-time correlation provides timely detection of threats, allows them to be prevented, and promptly notifies operators. Correlation rules are configured using the graphical designer.
Numerous visualization tools allow you to analyze the received data from different angles and not miss important system states.
Our product is created by our team
The core of the product, the MQ, the agent and the interface are created entirely by our team. This allows you to work fully with the product without third-party agents, services or applications. We do not rewrite or sell open-source solutions under the guise of our product. This gives confidence in the further development of our solutions, independence from third-party components, and the ability to solve various cases and adapt the solution to the needs of our users.
We provide a free version: RvSIEM free. You can not only download it and make sure that the product works, but also use this solution completely free of charge in your company. RvSIEM is an LM (log management) solution that allows you to collect, store and visualize data. Do not waste precious time searching for open-source and free solutions and adapting them to your needs. Use RvSIEM free.