As of version 5 SIEMonster is deployed with a unified dashboard that is focused on providing fast and efficient visibility of events flowing through the environment, their criticality and direct access to pass these events to Incident Response including the possibility to create a permanent forward for events observed in the event viewer panel. The entire dashboard is also completely customizable to any preferred layout using the available widgets that are shipped with the solution.
The new interface also supports creating a variety of dashboards which can be individually saved for specific purposes, be it healthchecks, visualizations of specific types of flows or for Incident response. The possibilities are endless.
True multitenancy out of the box
All instances of version 5 will also be MSSP ready and can be expanded to include as many MSSP tenants as is required by your implementation and additional tenants can be added with a few clicks in the new interface. It is also as easy as flipping between tenants for ease of administration.
All tenant activities are now centrally controllable with none or limited CLI requirements for provisioning
The new interface also boasts a shortcut bar on the left for convenient access to the primary modules such as dashboards, alerts, incident response, administrations, reporting and then a modules shortcut for other items in the subsystem that aren’t generally accessed that often or used in a set and forget fashion.
The alerting and event monitor components now have a tight visual integration to compliment the tried and test background integration that has existed since version 4.4 of SIEMonster.
With the new integrations it has become possible to control the actions to be taken with events more granularly, giving the power back to the SOC and administration teams.
The ease of use has been extended to the rules populating the alerting component, these can now be directly access in the same pane for modification and fine-tuning. The default sample rules have been included to get you started with your own modifications.
Healthchecks can now be quickly access to see if there are any infrastructural issues listed. More in-depth health monitoring can then be reviewed in the Metrics module.
Role based access control (RBAC)
In this build the RBAC has been completely re-engineered to accommodate growing requests by customers to more tightly integration single sign-on and unifications of the various modules bundled in the environment.
Frontend service upgrades capabilities
From Version 5, full service level upgrading is available directly from the web interface. This allows for quick and easy upgrade of the various components as updates are released. This can be performed on the core system, that manages the tenants, as well as down to the individual tenant layer one tenant at a time to comply with change control processes and compliance requirements facing many businesses today.