WatchWave is a solution that provides a complete view of all the relevant data from the organization’s systems, devices, and their interactions, with real-time security insights for immediate action that scales resources and reduces exposure to risk.
WatchWave provides security professionals with comprehensive capabilities that accelerate threat detection, investigation, and response — modernizing security operations and strengthening cyber defenses.
The WatchWave SIEM/FIM solution uses a universal agent, which is a small program installed on the enterprise customer systems to be monitored.
The agent provides the necessary monitoring and response capabilities, while the WatchWave server provides the security intelligence and performs data analysis. In addition, WatchWave uses an agentless approach for systems on which an agent cannot be installed (firewalls, routers, switches and Unix systems).
WatchWave is a full platform to monitor and control the critical systems of corporate, banking, and financial institutions. It combines HIDS (host-based intrusion detection), log monitoring, SIEM, and FIM (File Integrity Monitoring) in one intelligent and powerful solution.
WatchWave Dashboards, Alerts
The WatchWave SIEM/FIM security operations center provides over 60 built-in dashboards organized by asset group, covering assets in the environment based on their role (domain controllers, internet firewalls, core and edge network devices).
In addition, WatchWave provides more comprehensive dashboards and an executive summary dashboard, providing a security overview for the top events being actively logged in the environment to keep the real-time status of the environment in check.
Real-time and Predefined Alerts
Integration with Jira service desk keeps customers on top of high-importance and critical events by sending real-time alerts to Jira service desk.
WatchWave collects, aggregates, indexes, and analyzes security data, helping organizations detect intrusions, threats, and behavioral anomalies.
As cyber threats become more sophisticated, real-time monitoring and security analysis are needed for fast threat detection and remediation. That is why the WatchWave lightweight agent provides the necessary monitoring and response capabilities, while the WatchWave server component provides the security intelligence and performs data analysis.
WatchWave agents scan the monitored systems looking for malware, rootkits, and suspicious anomalies. They can detect hidden files, cloaked processes, or unregistered network listeners, as well as inconsistencies in system call responses.
In addition to agent capabilities, the server component uses a signature-based approach to intrusion detection, using its regular expression engine to analyze collected log data and look for indicators of compromise.
Log Data Analysis
WatchWave agents read operating system and application logs, and securely forward them to a central manager for rule-based analysis and storage.
Over 2000 aggregation and correlation rules help keep the analyst aware of application or system errors, misconfigurations, attempted and/or successful malicious activities, policy violations, and a variety of other security and operational issues.
File Integrity Monitoring
WatchWave monitors the file system, identifying changes in content, permissions, ownership, and attributes of files on which the analyst needs to keep an eye. In addition, it natively identifies users and applications used to create or modify files.
File integrity monitoring capabilities can be used in combination with threat intelligence to identify threats or compromised hosts. In addition, several regulatory compliance standards, such as PCI DSS, require it.
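The baseline-and-compare check that file integrity monitoring of this kind relies on, as an added Python example; it is not WatchWave code and does not describe how the WatchWave agent is implemented. The function names, the set of tracked attributes and the temporary files created in demo() are constructed for illustration.

```python
import hashlib
import os
import stat
import tempfile

FIELDS = ("sha256", "mode", "owner", "size")  # attributes compared per file

def snapshot(root):
    """Map each regular file under root to its content hash and metadata."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: do not follow symlinks out of the tree
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets and device nodes
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            state[os.path.relpath(path, root)] = dict(zip(FIELDS, (
                digest, stat.S_IMODE(st.st_mode), (st.st_uid, st.st_gid), st.st_size)))
    return state

def diff(baseline, current):
    """Return (path, event) pairs describing drift from the baseline."""
    events = []
    for path in sorted(baseline.keys() | current.keys()):
        old, new = baseline.get(path), current.get(path)
        if old is None or new is None:
            events.append((path, "added" if old is None else "deleted"))
            continue
        changed = [f for f in FIELDS if old[f] != new[f]]
        if changed:
            events.append((path, "modified:" + ",".join(changed)))
    return events

def demo():
    """Constructed scenario: one content edit, one chmod, one delete, one add."""
    with tempfile.TemporaryDirectory() as root:
        def put(name, text):
            with open(os.path.join(root, name), "w") as fh:
                fh.write(text)
            os.chmod(os.path.join(root, name), 0o644)
        for name in ("a.conf", "b.txt", "c.txt"):
            put(name, "port=22\n")
        baseline = snapshot(root)
        put("a.conf", "port=23\n")                    # content change, same size
        os.chmod(os.path.join(root, "b.txt"), 0o600)  # permission change
        os.remove(os.path.join(root, "c.txt"))        # deletion
        put("d.txt", "new\n")                         # new file
        return diff(baseline, snapshot(root))
```

Calling demo() returns one event per file, each naming which attribute drifted; a same-size content edit is caught only by the hash, which is why size or timestamp checks alone are not enough.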