
Cyber Lorica is a Security Information and Event Management (SIEM) managed network surveillance platform designed to detect events consistent with cyber attacks and data breaches. Cyber Lorica comprises the following critical components:

  • SIEM managed network surveillance software that acts like a burglar alarm for your network devices and computers
  • 24/7 managed network surveillance provided by IT security professionals who work around the clock detecting cyber attacks and sending notifications of them

It is vital to your business to differentiate between technology that enables the detection of unauthorized activity and a full managed network surveillance program, like Abacode’s Cyber Lorica, that includes the constant intervention of cybersecurity professionals. The managed network surveillance platform is a tool that, when properly configured, operated, and maintained, enables the organization to detect attacks. Managed network surveillance requires human intelligence and human decision making to analyze the attacks and determine the proper course of action or response to protect the organization.

Managed Network Surveillance Technologies

Abacode’s Cyber Lorica combines the Intrusion Detection System (IDS), Security Information and Event Management (SIEM), and Vulnerability Scanning capabilities of AlienVault, the Mobile Device Management (MDM) capabilities of VMware AirWatch, and custom-built security and open-source solutions in a platform that is monitored 24 hours a day, 7 days a week by cybersecurity experts. The type of managed network surveillance provided by Abacode is considered proactive because we identify vulnerabilities before they are exploited by hackers and detect high-risk behavior before it leads to a breach.

AlienVault is recognized as a “visionary” in the Gartner Magic Quadrant for Security Information and Event Management (SIEM). The AlienVault Unified Security Management (USM) solution provides:

  • Security Information and Event Management (SIEM)
  • Vulnerability Assessment (VA)
  • Asset Discovery
  • Network and Host Intrusion Detection (NIDS/HIDS)
  • File Integrity Monitoring (FIM)
  • Open Threat Exchange
  • Threat Intelligence

AlienVault’s Open Threat Exchange community enables sharing of Internet Protocol (IP) and URL reputation information. AlienVault Labs provides an integrated threat intelligence feed to Cyber Lorica that includes updates to signature, vulnerability, correlation, reporting, and incident response content.

AirWatch is recognized as the “leader” in the Gartner Magic Quadrant for Enterprise Mobility Management. Through the integration of AirWatch into the Cyber Lorica managed network surveillance platform, Abacode’s cybersecurity professionals are able to identify security issues with the organization’s mobile device fleet.

Abacode has the MSSP expertise to develop plugins that integrate unsupported devices, systems, and applications into AlienVault. Such integration capabilities enable our cybersecurity professionals to monitor systems that are not supported out-of-the-box to identify internal and external unauthorized activity.

Configuration Options

Cyber Lorica has multiple deployment options, including Cloud-based, physical appliance, and virtual appliance delivered to a VMware ESXi host. Abacode recommends the physical or virtual appliance option in most solutions, as it keeps the security data and logs contained within the organization’s data center. In a Cloud-based deployment, the security data is encrypted and transmitted to a cloud server, where it is stored for analysis and reporting purposes and destroyed when it becomes irrelevant.

All available features of the network IDS are enabled by collocating the Cyber Lorica appliance with the primary firewall and core switch in the data center. In this manner, the appliance can be set up to inspect all traffic going through the firewall in addition to having access to the firewall-generated syslogs.

Network appliances and devices such as routers and switches are configured to forward their syslogs to the Cyber Lorica appliance for storage and analysis. In the case of Unix and Linux servers, host IDS and file integrity monitoring are accomplished through the installation of an agent application. This agent has a small footprint and uses minimal RAM and CPU cycles.
