Managed SIEM + SOAR
Our fully managed SIEM + SOAR shortens the time it takes to respond to the critical cybersecurity alerts that put your organization at risk.
Goliath Cyber combines network-based deep packet inspection with monitored security analytics, compliance, and forensics of security logs across the entire enterprise, including endpoints, servers, cloud, Office 365, virtual machines, containers, and remote workers.
Our Managed SIEM protects your organization by:
- Ingesting security logs from endpoints, servers, cloud environments, virtual machines, Office 365, IoT, network devices, remote workers (WFH), and other devices on the network that cannot take an agent.
- Storing unlimited on-prem security event logs for forensic analysis and compliance.
- Integrating with your existing EDR, anti-virus, and firewall solutions.
Our U.S.-based SOC uses SOAR to quickly identify and resolve critical cybersecurity alerts.
Our managed SOAR improves your organization's security posture by:
- Applying automation to respond to security threat data and alerts from every device in your IT infrastructure, including devices that cannot take an agent.
- Automatically identifying and blocking most threats as they occur, using threat intelligence, deception, and intrusion detection.
- Filtering alerts so that only critical, actionable alerts reach the SOC for investigation and remediation, reducing alert fatigue and keeping response times short.
Unlimited On-Prem Log Retention
Our XDR ingests data from agents installed on endpoints throughout the organization, regardless of where those endpoints are physically located. Agents are available for Microsoft Windows, Linux, and macOS.
The agents' low memory and CPU footprint lets the Analytics Node collect and analyze log and security event data, file and registry changes, system inventory, network configuration, vulnerability data, and other security-related telemetry for review by the SOC.
Never worry about paying costly monthly fees to store critical log files: unlimited logs are stored on-prem at no additional cost.
XDR agents collect logs, file integrity, registry integrity, command execution, security events, vulnerabilities, system inventory, and other security telemetry and send that data securely to the Analytics Node, where the platform detects threats and misconfigurations and runs its other analyses.
Agent event types monitored by the SOC include, but are not limited to:
- Authentication Failures / Brute force attempts
- Security Events
- Events mapped to MITRE ATT&CK techniques
- System Integrity Changes (certain filesystem, registry and system changes)
- Resource Exhaustion
- Failed Privileged Operations
- Account / Group Manipulations
- Application Installation / Removal
- Service Installation / Removal
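The first item in the list above (authentication failures and brute-force attempts) and the earlier point about filtered alerts are both illustrated by the following detection rule. It is an added example written for this page, not Goliath Cyber's detection logic or any part of its platform. It assumes OpenSSH `sshd` syslog lines as input (the sample log below is constructed, not captured from a real host), a per-source sliding window, and a threshold of five failures; all three are assumptions chosen for illustration. It emits one aggregated alert per attacking source rather than one alert per failed login, and it also shows the caveat a practitioner will want to see: a slow, one-attempt-per-minute attacker slips under a 60-second window and is only caught when the window is widened.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample sshd log lines for this example (not real data).
# 203.0.113.5 is a fast brute force, 198.51.100.7 is a user who typed a
# password wrong once, 192.0.2.9 is a slow brute force at one try per minute.
SAMPLE_LOG = """\
Mar 12 10:00:01 web01 sshd[2111]: Failed password for invalid user admin from 203.0.113.5 port 51022 ssh2
Mar 12 10:00:03 web01 sshd[2113]: Failed password for root from 203.0.113.5 port 51024 ssh2
Mar 12 10:00:04 web01 sshd[2115]: Failed password for invalid user test from 203.0.113.5 port 51026 ssh2
Mar 12 10:00:06 web01 sshd[2117]: Failed password for root from 203.0.113.5 port 51028 ssh2
Mar 12 10:00:07 web01 sshd[2119]: Failed password for invalid user oracle from 203.0.113.5 port 51030 ssh2
Mar 12 10:00:30 web01 sshd[2121]: Failed password for alice from 198.51.100.7 port 40001 ssh2
Mar 12 10:00:45 web01 sshd[2123]: Accepted password for alice from 198.51.100.7 port 40002 ssh2
Mar 12 10:05:00 web01 sshd[2125]: Failed password for bob from 192.0.2.9 port 30001 ssh2
Mar 12 10:06:00 web01 sshd[2127]: Failed password for bob from 192.0.2.9 port 30002 ssh2
Mar 12 10:07:00 web01 sshd[2129]: Failed password for bob from 192.0.2.9 port 30003 ssh2
Mar 12 10:08:00 web01 sshd[2131]: Failed password for bob from 192.0.2.9 port 30004 ssh2
Mar 12 10:09:00 web01 sshd[2133]: Failed password for bob from 192.0.2.9 port 30005 ssh2
"""

# Matches only failed password attempts; successful logins and other
# sshd messages are skipped by the parser.
FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse_failures(log_text, year=2024):
    """Yield (timestamp, source_ip, username) for each failed-password line.

    Syslog omits the year, so the caller supplies one (2024 is assumed here).
    """
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        yield ts, m["ip"], m["user"]


def detect_brute_force(log_text, threshold=5, window_seconds=60):
    """Return {source_ip: alert} for sources that reach `threshold` failures
    inside any sliding window of `window_seconds`.

    One alert is created per source when the threshold is first crossed; later
    failures from that source update the same alert instead of raising new
    ones, so a 10,000-attempt brute force produces one ticket, not 10,000.
    """
    windows = defaultdict(deque)  # ip -> deque of (timestamp, user) in window
    alerts = {}
    for ts, ip, user in parse_failures(log_text):
        q = windows[ip]
        q.append((ts, user))
        # Drop failures that have aged out of the sliding window.
        while (ts - q[0][0]).total_seconds() > window_seconds:
            q.popleft()
        if ip in alerts:
            alert = alerts[ip]
            alert["count"] += 1
            alert["last_seen"] = ts
            alert["users"].add(user)
        elif len(q) >= threshold:
            alerts[ip] = {
                "source_ip": ip,
                "count": len(q),
                "first_seen": q[0][0],
                "last_seen": ts,
                "users": {u for _, u in q},
            }
    return alerts


if __name__ == "__main__":
    for window in (60, 600):
        print(f"window={window}s threshold=5")
        for alert in detect_brute_force(SAMPLE_LOG, window_seconds=window).values():
            print(f"  {alert['source_ip']}: {alert['count']} failures, "
                  f"users={sorted(alert['users'])}, "
                  f"{alert['first_seen']:%H:%M:%S}-{alert['last_seen']:%H:%M:%S}")
```

With a 60-second window only 203.0.113.5 is reported (five failures across four usernames in six seconds). The 192.0.2.9 attacker never has more than two failures inside any 60-second window and is missed until the window is widened to 600 seconds, which is why a production rule typically layers a long-window, low-rate threshold on top of the fast one and treats a success that follows a run of failures from the same source as a higher-severity event.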