Security Information and Event Management (SIEM)
FortiSIEM delivers powerful security information and event management (SIEM) with user and entity behavior analytics (UEBA)
FortiSIEM brings together visibility, correlation, automated response, and remediation in a single, scalable solution. It reduces the complexity of managing network and security operations to effectively free resources, improve breach detection, and even prevent breaches. To power more effective threat hunting, FortiSIEM now includes new link graph technology which allows for easy visualization of relationships between users, devices, and incidents.
FortiSIEM is the industry’s only security operations platform with a fully inbuilt configuration management database (CMDB).
With its CMDB, FortiSIEM can automatically leverage active and passive methods of discovery to build your asset inventory. This includes devices and their applications, and it tracks the state of those assets over time. It continuously collects context such as configurations, performance, vulnerabilities, their relationship to business services, and their Purdue model OT associations, so teams know the state of the environment when an incident arises and have the visibility needed to fix problems proactively.
This integration is enabled through the Acronis SIEM Connector. The SIEM Connector uses the Acronis agent as a log writer, enabling MSPs either to store Acronis Alerts, Events, Activities, and Audit Log on any endpoint in the customer network, from where the SIEM can ingest them, or to send those logs to a syslog server. The Connector supports CEF and JSON log formats.