Threat Management

Threat Management is a unique feature of RSEM based on its advanced correlation modules. It analyses the attacker information arriving in its global CNAM repository. It correlates this information to identify any failed attack attempts or threats and notifies other networks that are connected to it to secure their assets. 

For example:
Consider an organization that has operations distributed between two sites and RSEM is deployed at these two sites. Now, if there are any attacks on one of the assets’ vulnerability at one of the sites and the vulnerability score of that site increases, RSEM analyses these attacks and correlates those logs with the available attacker information in its central CSIEM repository, analyses and identifies any similarities with attacks happening elsewhere, interprets the attack pattern and immediately notifies the other site to secure their assets.

All these activities are done in real time enabling an organization to be prepared against the attacks happening on its network simultaneously ensuring that counter measures are taken to identify and arrest the activities of the culprit in real time.