Step 1
CYREBRO collectors receive log data from the IT solutions deployed in the end customer's environment and send it to the CYREBRO cloud.
Step 2
The incoming data is consolidated in the SIEM (Security Information and Event Management) system. It is converted into a readable format, enabling faster processing and easier analysis.
Step 3
The pre-aggregated data is now organised and normalised in the Data Lake. Here, a review for relevant security events, known as "Events of Interest," begins.
Step 4
The AI Detection examines all incoming information using a unique combination of artificial intelligence, proprietary detection rules, and correlation of relevant security events.
Step 5
CYREBRO's monitoring and forensics teams work closely together, supported by a SOAR (Security Orchestration, Automation, and Response) system, to thoroughly investigate suspected incidents and escalate them if necessary.
Step 6
After a comprehensive investigation of the incident, the investigation teams develop proposals to contain the issue. These proposals are provided in the form of specific action instructions through the CYREBRO platform.
Dashboard
The CYREBRO dashboard serves as the central display and communication platform for ongoing investigations. Alarms, action recommendations, investigation results, and specific inquiries are shown there. The system also allows interactions with the investigation teams at CYREBRO.