LogSentinel SIEM
for AWS Security Monitoring
Connect AWS to LogSentinel SIEM
Amazon Web Services (AWS) is a leading IaaS provider used by thousands of companies for their IT infrastructure. There are multiple sources of security-relevant events that should be integrated and correlated in order to gain full visibility on the threat landscape.
With LogSentinel SIEM you have a unified dashboard for real-time control and insight across all aspects of AWS. Demonstrate compliance at reduced operational cost and minimize effort on audit, forensics and fraud detection.
Full AWS
Log Coverage
CloudTrail, CloudWatch, GuardDuty, Amazon Virtual Private Cloud (VPC), Amazon Elastic Compute Cloud (EC2), Elastic Load Balancing (ELB), authentication events.
Threat
Detection
LogSentinel discovers anomalous behavior, as well as insider and cyber threats, based on flexible rules, machine-learning and threat intelligence
Straightforward
Integration
API-based integration allows you to collect events from multiple AWS sources by simply configuring AWS credentials with the proper permissions
Data Insights and
Visualizations
Gain insights by analyzing correlated data from AWS and other cloud and on-premise sources with flexible custom queries and charts
AWS Security Monitoring Use Cases
Unauthorized
Access
Monitor authentication events and get alerted for anomalies
Configuration
Anomalies
Correlate CloudTrail events and look for irregular patterns
Anomalous
API Calls
React to malicious API calls that can threaten the entire infrastructure
Suspicious
IAM Activity
Tackle account management and privilege escalation risks
Suspicious
VPC Traffic
Investigate suspicious traffic to and within your Virtual Private Cloud
