With LMNTRIX Active Defense, we don’t use a SIEM to detect and respond to advanced threats. However, we do recognize the need for a SIEM to meet log management and compliance requirements, and as such we offer an onsite Managed SIEM Service or a cost-effective cloud option, SIEM-aaS, to replace your SIEM – we call it ThinkGrid. Offered as an optional extra to Active Defense, LMNTRIX ThinkGrid is the fastest and most scalable analytics-based SIEM on the planet. By allowing unlimited log collection, LMNTRIX ThinkGrid is ideal for large log management and compliance use cases. The free ThinkGrid Onsite can be deployed on Google Cloud, Azure, AWS, or in-house; otherwise, you can cost-effectively subscribe to ThinkGrid Cloud.
Our use of machine learning algorithms means ThinkGrid Cloud gets smarter every minute while also eliminating the need for clients to come up with use cases, write rules or create thresholds. By analyzing your data to find discrepancies and unorthodox behavior, ThinkGrid Cloud is able to link these anomalies together, joining the dots and uncovering the truth behind advanced threat activity. Critically, to ensure accuracy, our algorithms are based on your data, because the only way we can know what is “abnormal” is to know what’s “normal” for your organization.
SecOps and threat hunting are team sports: ThinkGrid provides an interactive workspace for security teams to triage events and perform initial investigations. Monitor for threats, gather evidence on a timeline, pin and annotate relevant events, and forward potential incidents to ticketing and SOAR platforms.
Gain visibility into your environment: ThinkGrid allows you to view your data on interactive dashboards and maps. Perform graph-based relationship analysis. Search across information of all kinds. Do it all with technology fast enough for the sharpest analysts.
Automate detection with ATT&CK-aligned rules: With ThinkGrid Cloud you can continuously guard your environment with correlation rules that detect tools, tactics, and procedures indicative of potential threats. Cut to what matters with preconfigured risk and severity scores. Content is aligned with the MITRE ATT&CK knowledge base and ready for immediate implementation.