SeConical

Appliance solution for analyzing IT security events and uncovering incidents.
A general description of SeConical
SeConical is a log analysis appliance: a software system that collects and processes log entries, analyzes them automatically, and every week prepares a report of the security incidents of the past week. Examining the reports can shed light on any incidents that took place in the IT system, as well as on any processes that do not currently cause a problem but may do so in the future. In case of an incident, experts can use the appliance to perform additional manual log analyses to gather more information on causes and problems.
In addition to weekly reports, the responsible persons are provided with monthly overviews of the events of the past month. These illustrate the changes in the security processes that take place in the organization’s IT infrastructure both cumulatively and in a manner suitable for trend analysis.
With the help of SeConical, the organization’s incident handling becomes more efficient, and IT operations are supported by highlighting the processes that are heading in the wrong direction.
SeConical’s structure
The SeConical appliance is an online, workflow-driven application system that consists of a main server and an external server. The Supervision module is found on the main server; in addition to automatic control, it is responsible for providing users with convenient service. The external server is the heart of the system and runs the Log Analysis application.
The Supervision module supports the real-time tracking of the appliance’s operating conditions. It can be used to change settings and access the various log analysis reports, and it is also responsible for coordinating the operations of the two servers.
The Log Analysis module is the software system that collects and processes log entries: collection is performed by Flume and processing is performed by the LogDrill component. After processing the log entries, the Log Analysis module automatically prepares a weekly analysis report on the events of the past week. Reports can be flexibly configured in line with client needs, and manual analysis performed on their basis can shed light on the underlying causes of incidents in the IT system, which can then be investigated in detail more quickly and easily.
Advantages of the appliance over the competition
- sizing and parameters are customizable depending on customer needs,
- it does not require operating personnel or log analysis experts,
- it runs automatically after introduction, preparing weekly and monthly reports,
- its monthly report presents IT and security processes and trends in order to support decision making and forecasting.
We recommend the solution for organizations that expect
- the implementation of the efficient, safe, and automated log analysis process specified in international standards (NIST SP 800-53, COBIT 5, ISO/IEC 27001),
- log collection, log analysis, and reporting not to burden the organization’s human resources, but to be delivered to the competent persons automatically, always on time,
- the log analysis reports that support the operation of IT systems to be prepared on a regular basis.

SeConical main features
- rack cabinet installable appliance,
- modular, customizable system,
- easy to install and simple to operate,
- flexibly adaptable to existing log collection solutions,
- data collection, storage, processing, and analysis in a single system,
- provides IT system supervision,
- controlled via a hierarchical (privilege-based) dashboard interface,
- implementation of the efficient, safe, and automated log analysis process specified in international standards (NIST SP 800-53, COBIT 5, ISO/IEC 27001).
Central log collection
Thanks to central log collection, the information logged by the organization’s log sources is collected in one location in a structured format, after which the system allows the user to save it, thus helping automatic log analysis as well as possible manual investigative procedures.
Automated log analysis and reporting
During log analysis, the automatic and scheduled processing of log files allows users to monitor the state of IT systems, to create reports and, in certain cases, to forecast behavior and problems. The SeConical log analysis module is also able to analyze large quantities of data with various formats, structures, and sources with lightning speed. The results of the log analyses are automatically used to create weekly and monthly reports; ad hoc reports based on the information uploaded to the system can be created with a single click.
Log forwarding
Log forwarding allows the data to be processed by other systems. The data obtained by the log forwarding service from the log source are delivered to the locations specified by the Client through the SeConical system.
Supervision
The Supervision module can be used to track SeConical’s real-time status as well as the statuses of log collecting agents, to perform various settings and run various commands, and to manage and create a number of log analysis reports, which can then also be viewed.
Manual log analysis
The Forensic module makes it possible to perform manual log analysis on the collected logs, so experts can delve deep to uncover causes and problems when investigating an incident.
SeCube
A modular IT GRC application that helps make an organization’s information security management system transparent and manageable. It can be attached to the SeConical system as an optional module. More information: https://www.secube.hu/