Customer and User Management
You can add, update, delete customers, define security analysts and operators and manage user authorization on Comodo NxSIEM using simple user interfaces. Customers are managed in complete multi-tenancy enabling a single deployment multiple customer advantage reducing costs and providing ease of management. You can assign security operators and analysts to customers in order to constitute a level of authorization and visibility of incident handling responsibility.
Situational Awareness
You can observe the overall security situation for all customers and for a specific customer on the same interface. The most important alerts, incidents that are being investigated, priorities and statuses are at your fingertips. Comodo’s SIEM provides Consolidated Information Security Assurance Picture for rapid detection of incidents and improved response time.
Incident and Case Management
Auto generated alerts and incidents are easily observed and managed using simple and intuitive user interfaces. Stories like manual incident generation, incident escalation and status changes on incidents are implemented to fulfill the requirements of MSPs and MSSPs about incident handling.
Rapid Search and Real Time Correlation
The powerful Complex Event Processing engine of Comodo NxSIEM produces near real-time alerts on complex events from different sources. You may configure your own alerts and incidents and manage incidents per customer. There are predefined correlation rules for you to run for a specific customer or customize them for your needs. Our simple and intuitive user interface design provides easy query definition and our big data infrastructure enables rapid search on huge volumes of data.
Detailed Log and Event Monitoring
Log data and events are always ready to monitor and analyze at your fingertips. You can monitor an event group on a chart and immediately auto-query detail events to gain insight without pre-configuration of drill paths.