In this age where cloud solutions and endpoint security are at the forefront of cyber security discussions, it’s easy to overlook the critical role played by traditional appliance-based security devices, restricted on-premises environments, and legacy compute systems.
These diverse sources generate a wealth of data that is crucial for thorough security analysis. The Security Log Analytics service offers a solution that embraces both the new and the old, ensuring that attacker Techniques, Tools & Procedures (TTPs) can be detected across disparate IT and security assets.
Utilising either our in-house developed SOC platform or a supported 3rd party XDR platform / SIEM (e.g. Microsoft Sentinel), we can detect subtle signals of attack activity that might otherwise go unnoticed and offer a holistic view of your entire security posture.
At the core of our service is a commitment to optimise the cost of log ingestion and analysis. We provide options to deploy both virtual and physical log collector appliances that collect, normalise, and transmit data to the chosen log analytics platform. Log ingestion charges exclude any data from services already included in the Threat Detection & Response service portfolio (e.g. Modern Workplace Protection, Endpoint Detection & Response).
Log forwarding appliances are configured to maintain the integrity and confidentiality of the data being transmitted, and we ensure that the processing methodologies adhere to the compliance and regulatory requirements that often govern legacy and on-premises systems, so that legal and procedural standards are met.
The e2e-assure Security Log Analytics service is offered using one of the following XDR platforms as a central repository for log consolidation and analysis:
Security Log Analytics is intended for use where the following options for detection signals are either NOT possible or NOT desired:
Examples of the types of log sources and their application in the Threat Detection & Response ecosystem:
Includes logs from Firewalls, IDS/IPS, routers, switches, and other network appliances. These are used for monitoring network traffic, detecting unusual patterns, and identifying potential network breaches.
Logs from operating systems, web servers, databases, and applications. This data can identify anomalous system behaviour, admin activities, system errors, and suspicious application events.
Tailored to accommodate logs from bespoke applications, ensuring that custom-built systems are equally monitored and protected. May require a separate project depending on the level of application complexity.
“World-leading cyber threat monitoring is critical to any modern organisation and this is exactly what e2e-assure provide for us and our customers.”
Speak to our team today to find out more about pricing and our onboarding process.