Latest Cyber Security Software Developed in UK by Assuria Limited and exported worldwide and brought to Nigeria by her Partner/Distributor-Tolvoks Nigeria Limited.
Assuria limited have over 250 customers in the US, South America, Europe, Mid. East, Asia and also have sales partner in more than 30 countries including Africa.
Assuria supplies its SIEM technology to British Aerospace Engineering (BAE) Systems worldwide as a strategic partner.
Key Features of Our Products through Partnership
- 1. Assuria Log Manager-Key Features
Enterprise Wide Log Collection. Secure and forensically sound collection of logs from almost any source into a central store.
Log Management. Enterprise wide automated management of logs, including log rotation.
Forensic Readiness. Logs are collected in a secure and forensically sound manner, retaining their original form and complete with relevant meta data, thus allowing repeated examination with new analysis rules and use of the logs by other applications and processes.
Automated Analysis. Collected logs are processed by a rules-driven analysis and anomaly detection engine. Flexible and extensible analysis rules allow ‘interesting’ events to be tagged and written to a database for further analysis and reporting.
Data Visualisation and Querying. ALM provides facilities to visualise analyse and report on stored original log data, allowing unstructured ‘Google’ type searches on any item, providing rapid and effective interactive analysis and learning. Knowledge gained in this way can provide input to the generation of new automated analysis rules and reports.
Real-time Event Alerting. Configurable to specific log events, sent via Email and/or SNMP traps.
Log Data Export. Export of collected log data to external systems (including other SIEM solutions) in various forms – raw logs, form normalised or content normalised. Highly scalable – supports multiple exporters.
Reporting. Flexible analysis, correlation, aggregation and reporting in HTML, PDF, XLS, XML and CSV.
Agent Based Log Management. Ensures the security, continuity and integrity of all collected logs and allows alerting at the log source.
Digitally Signed. An RSA/SHA256 digital signature is calculated and the log digitally signed before transfer. Transfer is authenticated and encrypted using TLS.
Secure Storage. Log cataloguing, chain of custody records, archive creation and management. Archive to secure long term storage, complete with a digitally-signed manifest.
Scalable and Modular Architecture. Designed to support almost any sized IT environment up to thousands of log sources. Supports multiple collection points, with load balancing and resilience built-in.
- 2. CyberSense Enterprise Scanner-Key Features
Agent Optional. CyberSense ES provides a blend of agent based and agent-less scanning operations, depending on which approach is most appropriate to meet enterprise operational requirements.For example, where the highest levels of integrity and automation are required, CyberSense ES uses powerful, self-contained and unobtrusive software agents. Resident agents are especially important in virtualised environments.
However, where agent-less scanning is preferred, CyberSense ES uses secure, credentialed remote scanning, using the same deep checks and scan policies as agents. Agent based and agent-less operations run seamlessly side by side.
Built-in Knowledge Base. Delivered with a comprehensive security knowledge base of more than 2500 configuration and vulnerability checks (not just OVAL definitions), patch checks and best practice policies, CyberSense ES detects potential vulnerabilities, assists with assessment of risk and recommends steps required to mitigate those risks.
Internal Policy Compliance. As well as monitoring compliance with external standards and accepted best practice in security configuration, CyberSense ES allows users to adjust scan policies to match the specific requirements of internal security policies.
Comprehensive Reporting. Executive, management and technical reports are provided, identifying security weaknesses, poor configuration, missing patches and compliance issues, along with detailed remedies and advice. Report customisation features allow tailored reporting and report exporting.
Virtualised environments. Assuria CyberSense ES is fully compatible with virtual environments, both VMware and Hyper-V. The built-in security knowledge base includes virtualisation checks within specific operating platforms, and VMware ESX and ESXi platforms can be scanned directly.
Assuria Auditor compatible. Scan targets using current Assuria Auditor agents. CyberSense ES is fully compatible with current Assuria Auditor checks and policies, providing easy migration for existing Assuria Auditor customers.
GRC Support. Comprehensive Governance Risk and Compliance features not only support current methodologies but enhance them. CyberSense ES helps organisations meet standards such as ISO 27001, FISMA, BS17799, SOX, PCI-DSS, GCSX CoCo and others.
Remediation Support. Detailed remediation instructions enable even inexperienced system administrators to quickly bring systems into compliance. Flexible reporting features also provide verification to satisfy auditor requirements. Industry recognized CVE and BID references are provided. Additionally, with the included CVSS score support, organisations can ensure that the remediation process is based on irrefutable findings.
- 3. Assuria Auditor-Key Features
Assuria Auditor utilises a comprehensive built-in Knowledge Base of known security vulnerabilities, security control configurations, up to date patch checks and security best practice information to enable organisations to easily bring their IT infrastructure up to high standards of security, especially servers. Internal IT security knowledge or experience is not necessary, because the built-in Assuria Auditor knowledge base includes not only the thousands of individual checks for a wide range of operating platforms, but also explanations of the implications of each vulnerability and step by step instructions on remediation.
Regulatory Standards Compliance
The comprehensive built-in security database includes mappings of each of Assuria Auditor’s 2500+ security configuration checks to appropriate references within a range of standards such as ISO 27001, GPG-13, BS17799, PCI-DSS, SOX, GCSX CoCo and others. This makes it easy to assess server compliance against these standards. Detailed remediation instructions enable even inexperienced system administrators to quickly bring systems up to the level of compliance needed. Powerful reporting also provides verification to satisfy internal and external auditors. CVE and BID references are also provided, with CVSS scores where appropriate.
Internal Policy and Build Standards Compliance
As well as monitoring compliance with external standards and accepted best practice in security configuration, Assuria Auditor can easily be customised to allow users to adjust checks and policies and write new checks to match the specific requirements of an organisation’s own security policy, thus ensuring full compliance. In the same way, Assuria Auditor can be configured to assess the build configuration of systems against internal build standards so as to ensure that systems are configured to corporate standards prior to rollout.
Change Detection and File Integrity Monitoring
System administrators and corporate network management systems can be alerted to unexpected or un-authorised configuration changes, or changes to critical system elements and applications. Powerful change detection management features allow rapid assessment and reporting of suspicious or potentially troublesome changes. Change detection can be applied to whole systems and subsystems (i.e. Baselines) or specific resources such as individual files, folders or executables (i.e. File Integrity Monitoring).
Automated operations and alerting
Assuria Auditor has a powerful bult-in scheduling subsystem which allows scanning and integrity checking operations to be fully automated. Once systems have been brought up to the required level of security configuration, for the most part, scanning operations should be looking for exceptions and suspicious changes to critical system components (for example with file integrity checking) and these operations can be fully automated and scheduled. Checks can also be configured to raise alerts in a number of formats and using various alerting processes.
Assuria Auditor provides powerful inventory assessment and reporting features, listing all hardware and software components installed, active services, open ports and much more, greatly assisting asset managers and internal auditors. Why buy a separate inventory reporting system when Assuria Auditor gives you these features as well!
Assuria Auditor Information Manager (AIM)
The Assuria Auditor results database contains vast amounts of valuable and hard to get system information that until now was a hidden goldmine. Now this resource is accessible via AIM – a powerful and easy to use analysis and reporting feature. Please follow the link to the AIM specification page at left.
Extensible Knowledge Base
Assuria Auditor offers huge flexibility and extensibility. The built-in knowldge base of vulnerability tests, patch checks, compliance assessment checks and security best practice can be extended through a simple to use interface, even allowing addition of entirely new checks, modified checks and creation of custom policies
4.CyberSense Object Scanner-Key Features
- Generates previously unobtainable intelligence relating to document contents and structure
- Compares file structure with manufacturer specifications
- Optionally autocorrects back to specification or a specific standard
- identifies the ‘known good’ content and identifies all potential attack vectors in document borne content
- Highlights major areas of concern in terms of failure types, system types, locations etc.
- Detailed analysis reports highlight the nature and location of questionable content
- Statistical and analytical reports and charts support policy management decisions
- View and drill down through scan results interactively, using built-in visualisation features
- Optional transformation of files enables standardisation to specified file types for data standardisation
- Regenerates only ‘known good’, compliant format and allowable content for onwards transmission
Examples of Industries that can use Assuria Products
- Especially Banking and Financial Services
- Increasing focus by Central and Local Government agencies , Schools
- Defence and Aviation Security Services
- Utilities (e.g. PHCN), Telecoms
- Retail, Oil Companies, Media, Insurance, etc.
For free Consultation, Presentation and Demo of the products plus Free Trial Version for a limited time.Visit www.assuria.com
Contact Person:Ositolu Osibowale,
Tolvoks Nigeria Limited
16 Alhaji Adetoro Ipaye Street,
Graceland Estate, Ajiwe Village,
Promoted by Tolvoks Nigeria Limited