The global spread of botnets (collections of compromised computers) has led to an epidemic of DDoS attacks. As attack tools become more sophisticated and easier to use, botnet operators are bringing down targeted applications with low-bandwidth attacks that escape detection both in provider networks and by traditional perimeter security devices. Data center operators are typically unaware of such attacks until critical services are down or badly degraded. At that point, there can be extreme pressure to find and fix the problem. Yet the tools and expertise to do so are often lacking.
Easy deployment, an intuitive interface, and rule-based alerts, buckets, dashboards and reports are the factors behind the simplicity mindset of Logsign, which believes that “Simplicity is the ultimate sophistication”. The user interface that SOC teams use for threat and anomaly analysis has been designed to be easy to understand.
Logsign is seamlessly integrated with Symantec Advanced Threat Protection (ATP). Let’s see how.
Types of events detected by Symantec Advanced Threat Protection:
Logsign is seamlessly integrated with Symantec Endpoint Protection (SEP). Let’s see how.
Basic functions provided by Symantec Endpoint Protection:
- Antivirus protection
- ADC is an application-based module developed against policy-based threats, especially those capable of infecting system files and those from external devices.
- Firewall protection