• Network & Systems Log Collection.
    NIST CSF DE.AE-2: Detected events are analyzed to understand attack targets and methods.
• Log ingestion and analysis.
    NIST CSF DE.AE-3: Event data are collected and correlated from multiple sources and sensors.

Centralised Logging for Infra and Systems

Network & System Logs: full visibility from your SIEM.

Network Logs - Summary.

Each dashboard is composed of summaries and aggregated data for a quick overview of relevant events and detection rules.

Network Logs - Connection table.

A searchable table of all network connection logs collected and processed.

Connections to public IPv4 addresses are checked against security (threat-intelligence) feeds; private and other non-routable address ranges are not looked up.

Network Logs - Web Proxy logs and URL analysis.

Web proxy connections and telemetry.

SOCFortress analyzes proxy connections, and the requested URLs are checked against security feeds.

Network Logs - Metadata.

All network logs collected by SOCFortress are processed and normalized into a common field schema, so events from different vendors can be searched and correlated together.
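The normalization and feed-check steps described in the three sections above, as an added illustration (this is not SOCFortress code, and the key=value log format, field names, device names and indicator lists are all constructed for the example): raw firewall and proxy lines are mapped onto one schema, the destination IP is checked against an IP feed only when it is publicly routable, and the host of any proxied URL is checked against a domain feed.

```python
"""Normalize constructed firewall/proxy key=value syslog lines into a common
schema and check public destination IPs and URLs against a threat feed.
Everything here is hypothetical: the format, field names and feed contents."""
import ipaddress
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional
from urllib.parse import urlsplit

# Constructed sample lines in a generic key=value style (not a vendor's format).
SAMPLE_LOGS = [
    'devname="fw-edge-01" type="traffic" action="accept" srcip=10.20.1.15 dstip=203.0.113.45 dstport=443 proto=6',
    'devname="fw-edge-01" type="traffic" action="deny" srcip=10.20.1.15 dstip=192.168.50.9 dstport=445 proto=6',
    'devname="proxy-01" type="webfilter" action="allowed" srcip=10.20.1.22 dstip=198.51.100.7 url="http://updates.example-bad.test/payload.bin"',
    'devname="proxy-01" type="webfilter" action="allowed" srcip=10.20.1.23 dstip=198.51.100.8 url="https://www.example.com/index.html"',
]

# Constructed indicator feeds (hypothetical). A real pipeline would load these
# from external threat-intelligence sources; these exist only to exercise matching.
IP_FEED = {"203.0.113.45": "constructed-c2-list"}
DOMAIN_FEED = {"updates.example-bad.test": "constructed-malware-domains"}

# Address space that should never be sent to an external feed: RFC 1918,
# loopback, link-local, CGNAT, multicast, "this" network, class E, broadcast.
# Written explicitly instead of using ipaddress.is_global, because that property
# also excludes the TEST-NET documentation ranges used by the sample lines.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "100.64.0.0/10", "224.0.0.0/4", "0.0.0.0/8",
    "240.0.0.0/4", "255.255.255.255/32",
)]

# key=value pairs; values are either double-quoted (may contain spaces) or bare.
KV_RE = re.compile(r'(\w+)=("([^"]*)"|(\S+))')


@dataclass
class Event:
    """Common schema every source is mapped onto before correlation."""
    device: str
    kind: str
    action: str
    src_ip: str
    dst_ip: str
    dst_port: Optional[int] = None
    url: Optional[str] = None
    hits: List[str] = field(default_factory=list)


def parse_kv(line: str) -> Dict[str, str]:
    """Split one raw line into a dict of its key=value fields."""
    return {m.group(1): m.group(3) if m.group(3) is not None else m.group(4)
            for m in KV_RE.finditer(line)}


def normalize(line: str) -> Event:
    """Map the constructed field names onto the common schema."""
    kv = parse_kv(line)
    port = kv.get("dstport")
    return Event(
        device=kv.get("devname", "unknown"),
        kind=kv.get("type", "unknown"),
        action=kv.get("action", "unknown"),
        src_ip=kv.get("srcip", ""),
        dst_ip=kv.get("dstip", ""),
        dst_port=int(port) if port and port.isdigit() else None,
        url=kv.get("url"),
    )


def is_public_ipv4(addr: str) -> bool:
    """True only for routable IPv4 addresses worth checking against a feed."""
    try:
        ip = ipaddress.IPv4Address(addr)
    except ValueError:
        return False
    return not any(ip in net for net in NON_ROUTABLE)


def enrich(event: Event) -> Event:
    """Attach feed matches for the destination IP and, if present, the URL host."""
    if is_public_ipv4(event.dst_ip) and event.dst_ip in IP_FEED:
        event.hits.append(f"dstip:{IP_FEED[event.dst_ip]}")
    if event.url:
        host = (urlsplit(event.url).hostname or "").lower()
        if host in DOMAIN_FEED:
            event.hits.append(f"url:{DOMAIN_FEED[host]}")
    return event


def process(lines: List[str]) -> List[Event]:
    """Normalize then enrich every line; returns one Event per input line."""
    return [enrich(normalize(line)) for line in lines]


if __name__ == "__main__":
    for ev in process(SAMPLE_LOGS):
        flag = "ALERT" if ev.hits else "ok"
        print(f"{flag:5} {ev.device} {ev.src_ip}->{ev.dst_ip}:{ev.dst_port} {ev.url or ''} {ev.hits}")
```

Running the block flags the first line (public destination on the IP feed) and the third (proxied URL whose host is on the domain feed); the denied connection to 192.168.50.9 is never looked up because the address is non-routable, which is the same reason the feed check above is restricted to public IPv4 space.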

Fortinet - FortiGate Firewalls.

Fortinet FortiGate firewall UTM events, logs and alerts integrated into the SOCFortress SIEM.

Palo Alto Firewalls.

Palo Alto next-generation firewall events, logs and alerts integrated into the SOCFortress SIEM.

Cisco Firewalls (ASA and Firepower).

Cisco firewall events, logs and alerts integrated into the SOCFortress SIEM.

SonicWall Firewalls.

SonicWall firewall logs integrated into the SOCFortress SIEM.

Sophos Firewalls.

Sophos firewall events and alerts integrated into the SOCFortress SIEM.

Ubiquiti Networks.

Ubiquiti Networks events, logs and alerts integrated into the SOCFortress SIEM.

Check Point Firewalls.

Check Point firewall events, logs and alerts integrated into the SOCFortress SIEM.

Fortinet - Secure Web Proxy.

Fortinet Secure Web Proxy events and alerts integrated into the SOCFortress SIEM.

Cato Networks (SD-WAN).

Cato Networks events and alerts integrated into the SOCFortress SIEM.

Cisco Umbrella (Virtual Appliance).

Cisco Umbrella events and alerts integrated into the SOCFortress SIEM.

McAfee Secure Web Gateway (SWG).

McAfee SWG events and alerts integrated into the SOCFortress SIEM.

Piolink WebFront-K (WAF).

Piolink WAF events, logs and alerts integrated into the SOCFortress SIEM.

Nozomi Networks (OT).

Nozomi Networks events, logs and alerts integrated into the SOCFortress SIEM.

Forcepoint DLP.

Data Discovery and Classification: identifies and classifies sensitive data using predefined and custom classification policies.

Data Protection: prevents unauthorized sharing or transmission of sensitive data, and provides real-time monitoring and enforcement of security policies.

User and Entity Behavior Analytics (UEBA): analyzes user behavior to detect anomalies and potential insider threats.

Integration with Other Security Solutions.