A CLOUD-BASED VIRTUAL SECURITY OFFICER
Every day, each network generates thousands and thousands of lines of events, sometimes hiding attacks and exploits.
Among that multitude of events, security tools create events of their own, which may or may not be pertinent to the security of the network.
Yet nobody pays attention to them, because of the complexity and/or number of those events… until it is too late.
By contrast, all those security events are uploaded to Veezo with minimal performance impact on your internet connection.
Events are then immediately processed against a collaborative, cloud-driven threat intelligence engine.
All of this is 100% vendor-independent and doesn’t rely on traditional UTM security or detection capabilities.
The full results of Veezo's collaborative analysis can be deployed as a preventive detection layer to all protected Veezo networks, acting as a preventive layer against new threats, based on other users' experience and behavioral analysis.
VISIBILITY, ALERTING AND REPORTING
A cloud dashboard shows the alert level in real time, with analysis and action taken, either aggregated for all remote sites or individually for each protected site.
The same cloud platform offers root cause and contextual analysis (with scenario replay before, during and after an incident).
The cloud platform lets you define on-demand and scheduled reports on general activity, security incidents, risk assessment, alerts, and recommendations to improve security policies or prevent user misbehavior.
Veezo offers various customizable alerting services.
HOW THE DETECTION ENGINE WORKS
Veezo collects and securely uploads all events passing through its bridged interfaces, including connection logs, IDP logs, app logs, web traffic logs, DNS queries, etc., for further analysis, contextual and behavioral analysis, and reporting.
The cloud-based detection engine analyzes these events with its collaborative intelligence, searching for malicious activities.
When an attack is identified, the IT manager receives an alert. The alert provides both the results of the analysis and instant recommendations to mitigate the attack and reduce the risk of irreversible damage.
The results of the analysis are presented with comprehensive and predefined reporting.