Cloud SIEM as a Service

Get superior visibility and integration with our managed SIEM platform, with the full service operational in minutes.

Our cloud SIEM service provides centralised security monitoring for your cloud, on-premises, or hybrid environments, covering your endpoints, network, syslog and cloud instances like AWS, Azure, Office 365 and G-Suite.

The platform provides rich functionality similar to custom, purpose-built solutions, delivering unprecedented integration and visibility capabilities.

Delivered as a fully managed cloud service, our platform can be operational in minutes, saving time, resources and overall cost of ownership. There is no learning curve as you do not need to configure or manage the platform – our team will do everything for you.

Deploy our cloud SIEM now, visualise all the security data your business has, expose vulnerable systems, and start detecting threats missed by others.

Designed For Threat Detection And Response

The platform provides the complete toolset to support efficient security operations at scale. Your security data is continuously enriched with our threat intelligence, with advanced correlations and threat detections applied in real time.

Windows/Linux/Mac endpoints

Dark web

External and internal vulnerabilities

Network behaviour and network flows

Public cloud systems

SaaS and bespoke applications

Cyber risk factors of third-party vendors

Threat Intelligence

Fast Track Your Security Operations

The service provides everything you need to start your security operations program, supporting all your systems and operations from day one.

We provide you with access to our platform and all essential tools: threat intel, behaviour analytics and machine learning, integrated with any cloud and any data.

The platform is supplied with rich threat intelligence already integrated with your security data, providing immediate threat awareness and attribution.

Built-in automation saves you time, effort and money. You do not need to spend 2 years building your capabilities – have them on day one.

The platform is supplied with hundreds of built-in detections and correlations, with new detections being added daily.

Fully Ready for MSPs

The platform is fully ready for MSPs, and provides robust multi-tenancy features, SSO capabilities, SOC dashboards with aggregated data from all your tenants, and rich reporting. You can provide your customers with full access to their instances, or deploy a dedicated Customer Portal for them with predefined reporting templates based on a high-level security posture overview or specific compliance frameworks.

AUSTRALIAN TECHNOLOGY

  • Designed, developed, hosted and managed in Australia
  • No minimum commitment for Australian MSPs
  • Unrestricted integration capability, support for any log source or custom data
  • 24×7 SOC based in Sydney

DEVELOPED FOR MSPs

  • Easy installation, management, and support; 100% cloud-based platform
  • Multi-tenant environment, search and report across all of your tenants
  • Comes with integrated threat intelligence, dark web monitoring, vulnerability management, automated security assessment and many other features
  • White-labelled Customer Portal and Analyst Console

EASY DEPLOYMENT

  • A lightweight agent deploys in seconds without any impact on user productivity
  • An extensive library of ready-to-go cloud and syslog integrations
  • Automated deployment option

Our MSP provides you with all you need to start your security operations

Cloud Stack Visibility

We support any cloud services you might have, including any cloud-native services running on AWS, Microsoft Azure or GCP. Our cloud sensors integrate into your cloud instances, and provide immediate visibility, configuration auditing, vulnerability management and threat detection.

User Actions and Behaviour

The platform automatically captures all user and machine activities and provides integrated machine learning capabilities to automatically detect any deviations. You can see suspicious processes, unusual user logons, rare events, unexpected file downloads and many others.

Integrated Alerting and Reporting

ThreatDefence SIEM monitors your security events end-to-end and presents all detections and alerts in a single pane of glass. Visualise your cloud, network, endpoint, syslog, application, dark web and other data sources in a single platform, with a unified context for investigations and detections.

Rich XDR Functionality

We cover the entire enterprise attack surface, integrating all security systems and applications you might have, whether they are your firewalls, access points, endpoint protection systems, security gateways, authentication systems or anything else.

Our SIEM/XDR platform is provided with lightweight sensors that can be deployed on-premises or in your cloud environments. Our Network, Endpoint and Cloud sensors can be rolled out in minutes and start ingesting your data immediately – you will see data streaming to your dashboards in real time.
