DataGrain ESO

DataGrain ESO - is a domestic solution that allows you to collect, filter and profile incoming information security events, centrally store data in a compressed format and transfer only necessary data to third-party solutions.
What does DataGrain ESO decide:
need to reduce the input flow to SIEM system;
need to improve operation efficiency and speed of SIEM system;
need to reduce financial expenses for SIEM licensing;
need for long-term storage of historical data in a compressed format;
Сложность настройки параметров фильтрации данных;
difficulty of data filtering parameters setting;
Advantages of DataGrain ESO:
Domestic software;
Multi-stage filtering of information security events based on statistic analysis and signature rules;
Profiling of the incoming flow of information security events in SIEM through the historical data analysis;
Centralized storage of all source data in OLAP storage in a compressed format;
Reduced financial costs for SIEM licensing.
Expected outcome that the customer will be delivered:
  • Optimized volume of the input stream of events into SIEM system;
  • Implemented long-term storage of historical data in a compressed format;
  • Reduced financial costs for SIEM system licensing;
  • Increased efficiency and speed of the SIEM-system;
  • Reduced operating costs for SIEM system and minimized errors of analysts for manual data processing.
What will the product price depend on:
  • What EPS is expected on entry?
  • Number of target data sources connected to SIEM?
  • Number of new target sources required to connect?
  • Complexity and distribution of the current architecture for data acquisition, processing and storage?
  • Whether data replication is required?
  • Number of offices / branch offices / remote sites to deploy standalone copies of the system?
  • Need to customize monitor panels and dashboards of the system?
For what customer’s requests can we offer DataGrain ESO:
  • Upgrading of SIEM;
  • Long-term data storage;
  • Reduced data flow;
  • Historical dimension of IS logs;
  • Reduction of financial costs for SIEM licenses;
  • Setting up correlation and filtering rules;
  • ArcSight Logger, IBM SIEM, RSA, MaxPatrol SIEM.

Документация по установке и эксплуатации системы предоставляется по запросу через форму обратной связи или на e-mail

Order a pilot
we will contact you as soon as possible
By clicking the 'Submit' button, you accept the user agreement and agree to rules for the use and processing of personal data