
CyberSift SIEM
Self-Learning Cyber Threat Detection
CyberSift leverages threat intelligence from industry leaders like IBM X-Force and others who collect and analyse information from the community.
Our expert engine detects zero-day attacks by highlighting abnormal behaviour. You can adjust abnormality severity by taking into consideration our context addition module.
We bring fully searchable audit logging, threat detection, and reports to all areas of your environment.
Detect Threats to Your Environment That Slip Past Traditional Defences


Clear and Easy Visualisation With Our Context Addition Module
Enrich your logs with “context addition”, which allows analysts to easily visualise relationships between nodes that communicate with malicious peers.
Augment the IP information provided by your network devices with useful threat hunting information, such as the AS number and country.
Detect and visualise known bad IP addresses from a wide variety of sources, including TOR IP addresses, C&C servers, and scanning hosts.
CyberSift makes threats visible in your installed software as well as in sensitive files changed on your hosts.

Visibility Into All Areas of Your Environment

Easily Scalable
Based on award-winning FOSS technology (Elasticsearch) and supported by major cloud providers (AWS and GCP), CyberSift is easy to scale.
CyberSift incorporates both anomaly- and signature-based systems, resulting in a hybrid system that reduces the number of false positives that typically plague purely anomaly-based systems.
You get the best of both worlds.
Leverages Decades of Experience and Adds the Power of Anomaly Detection


Flexibility
CyberSift ingests data from any log source (e.g. packet captures, text logs, Windows event logs, APIs, syslogs, NetFlow, OSSEC, and Splunk).
CyberSift’s reporting dashboard is interactive, allowing you to customise your logging and reports (e.g. adjust abnormality severity).
Completely Customisable and Interactive Reporting


Tutela Vulnerability Assessment Solution Integrates With CyberSift
Integrate the security anomaly detection platform with our vulnerability assessment solution and get even more visibility and protection for your business.

Why CyberSift?
Fast deployment with no network changes required
CyberSift can easily consume data from existing syslogs or similar means and add rich insights into those alerts that matter.
Set up in under an hour

Augment your SIEM with the power of AI
Make your security team more aware and more efficient while eliminating human error. CyberSift helps security analysts sift through thousands of alerts, drawing attention to those that matter most while reducing millions of alerts to a few hundred.
Clearly visualise threats

Easy configuration with no tuning required
Detect attacks that would slip past traditional defences. CyberSift is inspired by machine learning techniques, and these statistical algorithms do not require fine-tuned rules or signatures; instead, they focus on abnormal behaviour.
Detect abnormal behaviour
