Prelude SIEM | Smart Security
Prelude is a universal “Security Information & Event Management” (SIEM) system. Prelude collects, archives, normalizes, sorts, aggregates, correlates and reports all security-related events independently of the product brand or license giving rise to such events; Prelude is “agentless”. Prelude has used IDMEF since its very beginning nearly ten years ago and has implemented it in various open-source IDS. IDMEF is implemented in the open-source edition (www.prelude-siem.org), which is limited in performance and functionality but is a perfect tool for learning more about IDMEF and testing it. An IODEF plugin will also be implemented soon in this version.
A Security Information and Event Management system gathers data from heterogeneous information system equipment at a single point and provides comprehensive human-readable security reports. Prelude Pro offers three major functionalities:
Prelude collects, analyzes and correlates all the information of the system and extracts suspicious events in real time to alert operators of a possible intrusion.
Prelude offers advanced analysis and graphical interfaces on all real-time and archived data to assist operators in their analytical work. This module allows you to generate reports in various formats intended for company management.
Prelude collects sets of logs from the information system, stores and indexes them in a database and thus provides a way for operators to perform security analysis by searching through this data.
Prelude allows you to:
- Manage real-time internal and external threats
- Collect, analyze and prepare status reports
- Analyze data specific to security events
- Contribute to legacy compliance
- Provide exploration and subsequent proof capabilities
- Prevent any damage or faults on the data and resources of the company
- Ensure the compatibility of internal or external security policies
- Be informed of potential threats and suspicious events on networks
- Immediately establish the causal links between information and events and their consequences
- Identify areas of inefficiency or slowdowns and determine their causes
- Monitor network activity and manage risk in an optimized way
- Show evidence of best practice during audits
Prelude helps maintain the operating conditions of the information security system, thus optimizing the level of protection implemented. Prelude can treat threats immediately. It helps companies withstand the attacks they suffer and actively helps limit the losses that may arise. Thanks to its numerous connectors, Prelude facilitates the exploitation of information from every tool deployed.