Cumulo is our in-house built and maintained SOC platform used to deliver our SOC Services. We've designed Cumulo around the SOC Analyst to support their work in making yours and our business more secure by delivering our 24/7 Always On detect and respond capability.
Cumulo can act as a standalone Security Information and Event management (SIEM) tool with automation capabilities or work alongside other tools, such as Microsoft Sentinel, Splunk and IBM QRadar to enrich the data received, improving the information available for analysis. Cumulo can take a range of data sources, including logs, network traffic and more, bringing all tools together to provide a single lens into your organisation. This allows Analysts to have a single point of truth for investigation and incident response, reducing time spent moving between technologies and giving all data related to a particular event in one place to enrich the analysis.
Features
- A centralised, all-in-one, analyst-focussed cyber defence platform
- Full packet capture environment with IDS, including deep packet inspection
- Automation and orchestration capabilities
- SIEM, with log and event correlation
- Transparent and open - used by both the SOC and the customer, with full access to data