What is the difference compared to SIEM systems?
SIEM systems (Security Information & Event Management systems) manage the archiving of logs and events generated by applications and components from networks. The objectives of such systems are the collection, analysis and presentation of information resulting from security-relevant incidents. The search for alarms as well as the analysis of these alarms usually takes place after the incident.
finally safe, on the other hand, focuses on the detection before ( false settings, vulnerabilities) or during ( anomalies, tunnels) an incident. By using finally safe's early warning system "Advanced Security Analytics Platform", vulnerabilities and attacks in the network can be detected and analyzed. This provides comprehensive protection against possible future attacks by closing security gaps and vulnerabilities at an early stage. Furthermore, it detects abnormalities by continuously analyzing the network. In addition, finally safe offers a database for analyses and reports after the incident (similar to SIEM systems).
As a result, the key difference compared to SIEM systems is the early detection of vulnerabilities and the prevention of attacks and potential damage at an early stage, while SIEM systems handle the storage and analysis of events that have already occurred.