Codenotary extends immudb to store SOC and SIEM data with cryptographic verification

immudb has a connector to store events and data gathered by Security Operations Center (SOC) and Security Information and Event Management (SIEM) tools from Splunk, Elastic, plus IBM QRadar XDR and Microsoft Sentinel.

“It’s important to store logs and events data and know that it can be trusted in six months, one year, or even five years from now, which is essential in the event of a security issue discovery and then audit and forensic analysis to go back in time to understand what happened and when,” said Moshe Bar, CEO of Codenotary, the primary contributor to the open source immudb project.

“From our experience, it’s not uncommon to have enterprise SOC platforms tracking 100,000 events per second or more,” Bar added.

Only immudb is capable of storing SOC and SIEM data like logs and events with cryptographic verification and at volumes that exceed millions of entries per second. The data is fully searchable to help with remediation in the event of a security issue.

“A Security Operations Center (SOC) must constantly be able to trust the validity, immutability, and traceability of the recorded logs,” said Martin Lechmann, senior information security consultant, Swisscom AG.

“With Codenotary’s immudb and the new immudb extension, these fundamental aspects of the SOC can be optimally addressed,” Lechmann continued.

Unlike other databases, immudb is built on a zero-trust model: history is preserved and can’t be changed. Data in immudb comes with cryptographic verification at every transaction to ensure that no tampering is possible.

immudb can be deployed in cluster configurations on-premises or in the cloud for demanding applications that require high scalability, up to billions of transactions per day, and high availability.

Support for both key-value and SQL makes it simple to use immudb in new and existing applications. Support for Amazon’s S3 storage cloud provides immudb with virtually unlimited data storage capacity. With immudb’s Time Travel feature, organizations can travel back and forth in time and see the change history of their data.

immudb is capable of protecting sensitive data for workloads that require the utmost in security. Codenotary uses immudb to underpin its software supply chain security product.


from Help Net Security https://ift.tt/rokWfNA
