The National Cryptologic Centre (CCN) has released a new abstract, 'Security Information and Event Management (SIEM) Systems of the CCN-CERT Ecosystem', detailing the two SIEM solutions included in its set of tools.
With both SIEMs, each with its own particular characteristics, cyber security professionals have an effective way to automate their processes and centralize security management, which helps to simplify the difficult task of protecting the information under their control and the service provided. For this reason, the
GLORIA: a platform for managing incidents and cyber security threats, which uses complex event correlation or pattern analysis to identify anomalies and integrates with other CCN solutions (CARMEN, CLAUDIA, MicroCLAUDIA). Based on SIEM, it allows a very flexible orientation towards monitoring of the IP world (IT/OT), facilitates threat hunting work and allows automatic response to incidents (SOAR), maximizing the efficiency of the analyst team. It is the solution used by the CCN-CERT to operate its early warning service (SAT).
MÓNICA: an automated system for security information and event management. It allows the use of information in existing data lakes or of its own forensic capability, and the management of use cases through its real-time correlation engine. It also has the capacity for processing at source, which makes it independent of whether or not the event logs are available when giving an immediate response.