SIEM data feed could change the game
SIEM data feed could change the game
For many of our clients, introducing security information and event management software (SIEM) has been a game-changer in data transparency, trendspotting and faster response to incidents. It works by consolidating multiple data points from across disparate systems. This removes the need to interpret data displayed in multiple formats, offering instead a single view on a customised dashboard supported by alerts.
It’s another layer of risk minimisation for teams managing security posture in-house or for providers working on a client’s behalf.
Introducing our new SIEM data feed
Since over 90% of all cyberattacks come through email, it’s critical for clients to include their data from our systems to better predict, assess and respond to incidents.
An SMX SIEM feed delivers that. You get complete data of the actions our filters and controls perform on every email we process on your behalf. This gives you deep insight into message delivery – you’ll see whether an email was blocked, quarantined or delivered. You’ll also see the final disposition of the email – if it was clean, had detectable malware or was a threat, spam or phishing email.
A major central government agency is already making use of this API to ensure it has a full picture of data from across providers, says SMX founder Thom Hooker.
“They can now see what’s going on. They can generate alerts and reports or see historic trends – it’s like turning the lights on.”
Our service supports any system, including Splunk and Sentinel, and is included free as part of our base service – and it’s impressive work, says Thom.
“I know SMX SIEM will add huge value to our clients’ businesses – the team should be really proud of their work.”
Get set up with SIEM
Photo by Scott Graham on Unsplash