Prelude SIEM is a security information and event management (SIEM) tool.
Prelude SIEM is a tool for IT security that collects and centralizes information about the company's IT security to offer a single point of view to manage it. It can create alerts about intrusions and security threats in the network in real-time using logs and flow analyzers. Prelude SIEM provides multiple tools for forensic reporting on big data to identify weak signals and advanced persistent threats (APTs). Prelude SIEM also includes tools for the exploitation phase to make work easier for operators and help them with risk management.
While a malicious user (or software) may be able to evade detection by a single intrusion detection system, it becomes exponentially more difficult to get around defenses when there are multiple protection mechanisms. Prelude SIEM comes with a large set of sensors, each of them monitoring different event types. Prelude SIEM permits alert collection at WAN scale, whether its scope covers a city, a country, a continent or the world.
Prelude SIEM is a SIEM system capable of interoperating with all the systems available on the market. It natively implements the Intrusion Detection Message Exchange Format (IDMEF, RFC 4765). As a result, it is natively IDMEF-compatible with open-source IDSs: AuditD, Nepenthes, NuFW, OSSEC, Pam, Samhain, Sancp, Snort, Suricata, Kismet, etc. Anyone can also write their own IDS or use any of the third-party sensors available, given Prelude SIEM's open APIs and libraries.
Since 2016, through the "Prelude IDMEF Partner Program", Prelude SIEM has also been IDMEF-compatible with many commercial IDSs.
Prelude SIEM provides all SIEM functions through three modules: ALERT (SEM), ANALYZE and ARCHIVE (SIM), and is therefore the only true SIEM alternative on the market. In addition, Prelude SIEM promotes the use of IETF security standards through the SECEF project and the "Prelude IDMEF Partner Program".