Developers: UserGate, Usergate (formerly Entensys)
System premiere date: June 2023
Technology: Information Security Management (SIEM)
2023
Solution Testing Capability
On November 16, 2023, UserGate, a Russian developer of information security solutions, announced the release-candidate version 7.1 of its own operating system, UGOS, which is the basis of the UserGate SUMMA ecosystem. The ecosystem includes UserGate NGFW, the company's next-generation firewall. It also announced that the new SIEM- and EDR/NAC-class solutions developed by UserGate, which the information security market has been expecting, are available for testing. UserGate SIEM Light is a Security Information and Event Management system responsible for collecting information from various sources and bringing it into a single format for convenient subsequent analysis.
Announcement of a new product - UserGate SIEM Light
At the end of October 2023, UserGate plans to launch the first release of its new SIEM product, UserGate SIEM Light. This was announced at the end of June at a webinar by UserGate development manager Ivan Chernov. According to him, the company will first bring an MVP version to market (Minimum Viable Product, the initial version of a product with minimal functionality).
SIEM Light will "arrive" in the new version of the UserGate Summa 7.1 cybersecurity product ecosystem, which is scheduled for release on October 26.
The new product has "grown" out of the existing UserGate Log Analyzer (LogAn) solution, an event and incident analysis system. LogAn is a tool that collects data from various sources (UserGate firewalls, clients, operating systems, etc.), stores it, and provides a single window onto all infrastructure events. Over time the product began to evolve: the developers added functions for searching events and linking them to one another. As a result, the system began to turn into a SIEM, Ivan Chernov explained.
With the release in the spring of 2023 of UGOS 7.0, a new version of UserGate's own operating system, UserGate LogAn began to combine the functionality of a SIEM and an IRP (Incident Response Platform), that is, to provide capabilities for collecting logs and events, searching for incidents and responding to them. Out of the box, LogAn includes expertise packages containing correlation rules developed by experts from the UserGate response center. LogAn accumulates data from various sources (sensors), aggregates and correlates events, and creates security incidents, and the configured rules make it possible to determine the response to them automatically.
Thus, UserGate LogAn "outgrew" its name in terms of functionality, and the developers decided to separate the SIEM functionality into a separate product with a separate license.
Once UserGate SIEM Light enters the market, UserGate LogAn will also remain in the product line with a license for basic functionality: collecting logs from devices and working with them from a single window, Ivan Chernov explained. A client will be able to buy the UserGate SIEM Light license as a UserGate LogAn upgrade to get a full cycle of working with security incidents, from collecting infrastructure events from many sources and correlating them to trigger firing, automatic response or manual investigation, etc.
At the same time, customers who purchased UserGate LogAn before the release of UserGate SIEM Light will receive the upgrade to SIEM at no additional cost, without needing to purchase a separate license, the company said. For new purchases the licenses will be separate, and the customer will choose between them.
UserGate SIEM Light is designed for organizations of different sizes, both small and large, the developers say. The product's functionality is to be expanded based on user feedback. UserGate plans to start launching pilots at the end of July 2023.
Later, a roadmap for product development should also become available.
In recent years, Russian players in the SIEM systems market have been talking about the dynamic growth of this segment of information security solutions, and the departure of foreign vendors in 2022 created even more favorable conditions for the development of the business of Russian developers. Among the most notable players here are companies such as Positive Technologies, Kaspersky Lab, Gazinformservice, NPO Echelon, RUSIEM, SearchInform.