For the majority of our use cases on the firewall, we are looking at the Ria website and multiple denials on the firewall. We'll also look at some C&C communication being initiated from multiple systems. That is one use case we are looking at. We have integrated the perimeter and internal application firewalls, along with endpoint protection, through cloud API integration. We have also integrated the vulnerability analysis and SIEM solution through API.
Founder and CEO at Woodside Security Consultants, LLC
Reseller
Oct 4, 2023
We use Gurucul Next Gen SIEM as our security incident and event management system. We are sending logs from our Citrix Informatics platform, which is hosted in AWS, for continuous monitoring of events. The organization is ISO 27001 certified, and continuous monitoring is one of the requirements for that certification. That is why we started using Gurucul Next Gen SIEM. We are sending logs over a secure connection to Gurucul's SaaS offering. They perform the analysis and other tasks in their data center, and we consume the results as a SaaS. It is entirely possible to have an on-premises solution like this. I can think of a couple of ways to do it, but I have not bothered to examine them because we are currently a SaaS company and do not operate our own data center. In fact, our entire enterprise is run on SaaS and PaaS.
Gurucul Next Gen SIEM is used for threat detection and response, leveraging machine learning to identify anomalies and breaches. It provides advanced analytics, security event investigation, and compliance management.
Organizations use Gurucul Next Gen SIEM primarily for its robust capabilities in threat detection and response. Its machine learning algorithms effectively identify anomalies and potential breaches, making it a key tool for preventing insider threats. The platform features...