ISMAC USM
01
Security
Log Management
AI Powered SIEM
ISMAC comes with a built-in k-NN AI algorithm that lets users run nearest-neighbor search on billions of event logs across thousands of dimensions with the same ease as running any regular search query. Use aggregations and filter clauses to further refine your similarity search operations. Power use cases such as anomaly detection, fraud detection, event search, and more.
- Log Management
- Log Event Correlation
- User Behavior Analytics
- Anomaly Detection
- Alerts & Reporting
Cloud Security Monitoring
ISMAC helps monitor cloud infrastructure at the API level, using integration modules that pull security data from well-known cloud providers such as Amazon AWS, Azure or Google Cloud. In addition, ISMAC provides rules to assess the configuration of your cloud environment, making weaknesses easy to spot.
- AWS Security Monitoring
- Google Cloud Monitoring
- Azure Monitoring
- Docker Security Monitoring
- Kubernetes Monitoring
ICS/SCADA/OT/IoT Monitoring
Operational technology (OT) drives the ICS, allowing for product delivery in the energy, manufacturing, shipping and other transportation sectors. Because of consumer demands, low interoperability between components, and infrastructure not receptive to patches and updates, OT systems often favor availability over security. Thus, OT networks are especially vulnerable once the firewall has been penetrated.
- Behavioral Anomaly Detection in SCADA
- Netflow Monitoring
- Troubleshooting & Investigation
02
Threat
Detection & Response
Vulnerability Scan
ISMAC agents pull software inventory data and send it to the server, where it is correlated with continuously updated CVE (Common Vulnerabilities and Exposures) databases in order to identify well-known vulnerable software.
- Vulnerability Detection
- File Integrity Monitoring
- Windows Registry Monitoring
- Rootkit & Malware Detection
- Reporting
Intrusion Detection
ISMAC agents scan the monitored systems looking for malware, rootkits and suspicious anomalies. They can detect hidden files, cloaked processes or unregistered network listeners, as well as inconsistencies in system call responses.
- Security Analytics
- Threat Intelligence Feed
- Anomalies Detection
- Remote Forensics
- MITRE ATT&CK Framework
Incident Response
ISMAC offers out-of-the-box active responses to perform various countermeasures to address active threats, such as blocking access to a system from the threat source when certain criteria are met.
- Cortex Threat Analysis
- Active Response
- REST API
- Reporting
03
Laws
Compliance
Policies & Compliance Monitoring
ISMAC offers some of the necessary security controls to become compliant with industry standards and regulations. These features, combined with its scalability and multi-platform support, help organizations meet technical compliance requirements. ISMAC is widely used by payment processing companies and financial institutions to meet PCI DSS requirements.
- Policies Monitoring
- Compliance Monitoring
- Configuration Monitoring
- CIS-CAT
- OpenSCAP
Case Management
ISMAC Case Management is designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. You can synchronize it with one or multiple ISMAC MISP instances to start investigations out of MISP events.
- Security Case Management
- Threat Analytics Engine
- Indicator of Compromise
- Active Response
- REST API
Compliance Reporting
ISMAC offers out-of-the-box, fully mapped compliance reports for GDPR, PCI DSS, NIST 800, HIPAA, etc. ISMAC also allows its users to customize reports to fit their needs and requirements.
- GDPR
- PCI DSS
- HIPAA
- LGPD
- GPG13
04
Data
System Metrics
Application Performance Monitoring
ISMAC allows you to monitor software services and applications in real-time, by collecting detailed performance information on response time for incoming requests, database queries, calls to caches, external HTTP requests, and more. This makes it easy to pinpoint and fix performance problems quickly.
- Data Security
- Distributed tracing
- Real User Monitoring (RUM)
- Transaction sampling
- OpenTracing bridge
System Performance Monitoring
Get deep visibility into system bottlenecks alongside detailed network, memory, disk, and operating system stats. ISMAC supports over 60 metrics across 10 dimensions providing unprecedented instrumentation of your network health.
- CPU Utilization
- Memory Utilization
- Disk Utilization
- AWS/Azure/GCP
- Process Monitoring
Network/Netflow Monitoring
Network/NetFlow monitoring is a critical IT process in which all networking components, such as routers, switches, firewalls and NIDS, are monitored for security incidents and malicious traffic is identified so that attacks can be stopped before they cause damage.
- Network/Netflow Analysis
- Network IDS
- Traffic Sniffing
- DNS/DHCP Monitoring
- Asset Discovery
05
Plans
Plans & Pricing
ISMAC Basic
Minimum billing of 50 endpoints
- Linux/Windows/MacOS
- Log Management
- System Log Analysis
- Security Alerts (email)
- Vulnerability Scanning
- File Integrity Monitoring
- MITRE ATT&CK Framework
- 48 Hours Data Retention
ISMAC Pro
Minimum billing of 50 endpoints
- Everything in Basic Plan
- Docker/Kubernetes
- Policies Monitoring
- Compliance Reporting
- Cloud Security Monitoring
- Cortex Threat Analytics
- Threat Intelligence Feed
- Security Case Management
ISMAC Hunting+
Minimum billing of 50 endpoints
- Everything in Pro
- Security Event Correlation
- Asset Discovery
- EDR & HIDS
- Active Response
- Threat Detection Rules
- Managed SOC/MDR
- 24×7 Support
APM, Metrics, Performance
All the features present in ISMAC Hunting+
Customized Data Retention Period
Dedicated Data Storage (Hot & Cold Storage)
ICS/SCADA/OT/IoT Security Monitoring
Monitor critical infrastructure
Network Packet Analysis & NIDS
Network Security Monitoring