From now on, the SSH Protocol is Supported by the SearchInform SIEM
11.12.2023

The new connector makes it possible to connect hundreds of Linux and Windows sources.

A connector that gathers data via the SSH (Secure Shell) protocol was added to the SearchInform SIEM system in the latest update of the solution. The update extends the SIEM system's ability to monitor customers' IT infrastructure: any software and equipment with a Unix shell, as well as Windows devices and processes, can be connected to the SIEM system. The new connector's coverage of sources is comparable to that of the connector for syslog, the most universal data exchange format.

In contrast to standard connectors, which gather security events from sources, the SSH connector collects data from devices and software about their current status. The SSH protocol thus helps to obtain data on the state of the IT infrastructure, for example details on CPU or RAM usage. This is useful for tracing anomalies in the operation of devices and programs, which may be SSH servers and clients. Anomalies, in turn, may indicate attacks: given its wide range of capabilities, the SSH protocol is often exploited by hackers.

SearchInform's out-of-the-box solution offers instantly available cross-correlation rules, which can detect potential problems based on the data gathered by the SSH connector. Events from the SSH connector can be combined with events from other sources with the help of the cross-correlation service. Finally, SearchInform SIEM makes it possible to activate an automatic response to detected incidents, including those revealed by the SSH connector. The response is configured by the user beforehand.

“Our SIEM system is practically oriented: it was conceived, among other things, as a tool for countering threats. First we implemented the proactive functionality; now we’ve supported the SSH protocol. This is beyond the typical SIEM system functionality and enables customers to get the required tools with no need to purchase additional software,” said Ricardo Martinez, Regional Business Director and Head of the representation of Latin America at SearchInform.
