
JIGHI SIEM ENDPOINT PROTECTION SOLUTION (J-SEP)

What is J-SEP (Jighi - Security Endpoint Protection)?

J-SEP is a new-generation enterprise managed detection and resolution (MDR) platform. As a platform, it combines the functionality of SIEM, endpoint protection and threat maps. J-SEP can monitor your infrastructure and detect threats, intrusion attempts, system anomalies, misconfigured applications and unauthorized user actions. Additionally, J-SEP provides a framework for incident response and regulatory compliance.

Features


Security Analysis


* J-SEP is used to collect, aggregate, index and analyze security data that helps detect intrusions, threats, and anomalies. As cyberthreats become more sophisticated, real-time security monitoring and analysis is needed for rapid threat detection and resolution.

* Endpoint Detection and Response (EDR): the J-SEP Agent actively performs security analysis to discover, investigate, and block a network attack, shut down a malicious process, or quarantine a file infected with malware.

Intrusion detection


The J-SEP Agent scans the monitored system for malware, rootkits and suspicious anomalies. It can also detect hidden files, synchronized processes or unregistered network listeners, as well as inconsistencies in responses to system calls.

In addition to the agent capabilities, the server component uses a signature-based approach to intrusion detection, using its regular expression engine to analyze the collected log data and look for indicators of compromise.

Journal Data Analysis



The J-SEP Agent reads operating system and application logs and forwards them to a central manager in J-SEP for rule-based analysis.

This helps you detect application or system errors, configuration errors, successful malicious activity attempts, policy violations, and a variety of other security and operational issues.

File Integrity Monitoring


J-SEP monitors the file system, identifying changes in content, permissions, ownership, and attributes of files that you need to monitor. It can also identify the users and applications used to create or modify files.

File integrity monitoring capabilities can be used in conjunction with threat intelligence to identify threats or compromised hosts.
In addition, several regulatory compliance standards, such as PCI DSS, require it.

Vulnerability detection



The J-SEP Agent extracts software inventory data and sends it to the J-SEP Manager server. There, the inventory is correlated with CVE (Common Vulnerabilities and Exposures) databases in order to identify well-known vulnerable software.

Automated vulnerability assessment helps you find weak spots in your critical assets and take corrective action before attackers exploit them to sabotage your business or steal confidential data.

Configuration Assessment


J-SEP monitors system and application configuration settings to ensure they comply with your security policies and standards.
The agent automatically performs a periodic scan to detect applications that are known to be vulnerable, unpatched, or configured insecurely.
Additionally, configuration checks can be customized, tailoring them to properly align with your organization. Alerts include recommendations for better configuration, referrals, and mapping to regulatory compliance.

Responses to Incidents



J-SEP provides out-of-the-box active responses to perform various countermeasures to deal with active threats, such as blocking access to a system from the threat source when certain criteria are met.
Additionally, J-SEP can be used to remotely execute commands or system queries, identify Indicators of Compromise (IOCs), and help perform other live forensics or incident response tasks.

Regulatory conformity


J-SEP provides some of the security controls necessary to comply with industry standards and regulations. These features, combined with its scalability and cross-platform support, help organizations meet technical compliance requirements.
J-SEP is widely used by payment processors and financial institutions to meet PCI DSS (Payment Card Industry Data Security Standard) requirements.
Its web user interface provides reports and dashboards that can help with this and other regulations (e.g. GPG13 or GDPR).

Cloud security


J-SEP enables monitoring of cloud infrastructure at the API level, using integration modules capable of extracting security data from well-known cloud providers, such as Amazon AWS, Azure or Google Cloud.
Additionally, J-SEP provides rules to assess your cloud environment configuration, easily spotting weaknesses.
Lightweight, cross-platform J-SEP agents are also commonly used to monitor cloud environments at the instance level.

Container Security


J-SEP provides visibility into the security of your Docker hosts and containers, monitoring their behavior and detecting threats, vulnerabilities and anomalies.
J-SEP Agent has native integration with the Docker engine allowing users to monitor running images, volumes, network settings, and containers.
J-SEP continuously collects and analyzes detailed execution information.
For example, it alerts on containers running in privileged mode, vulnerable applications, a shell running in a container, changes to persistent volumes or images, and other possible threats.

Configuration Assessment


J-SEP monitors system and application configuration settings to ensure they comply with your security policies and standards. The agent automatically performs a periodic scan to detect applications that are known to be vulnerable, unpatched, or configured insecurely. Its alerts also include recommendations for better configuration and increased security.

Responses to Incidents


J-SEP takes action against active threats such as blocking access from the threat source when certain criteria are met.

Regulatory conformity


J-SEP provides some of the security checks needed to comply with industry standards and regulations.

Cloud security


J-SEP helps monitor cloud infrastructure at the API level. It can extract security data from instances on well-known cloud providers like AWS, Azure and Google Cloud Platform.


Services


Annual support and maintenance

Our engineers provide quick answers to your solution-related questions and issues.

* A dedicated team of engineers

* Periodic health checks and upgrades to the latest version

* Customer satisfaction guaranteed

* Automation of deployment

* Solution configuration, bug fixes and upgrades

* 24/7 support (premium)

* Faster response times (premium)

* More health checks per year (premium)

Deployment and configuration

We carefully analyze your planned environment and design a successful architecture, configuration, and integrations with third-party tools.

* Technical assistance

* Troubleshooting

* Support for J-SEP

Training

Our hands-on course covers J-SEP architecture, integrations with Elastic Stack and Splunk, file integrity monitoring, log collection and analysis, vulnerability detection, compliance and policy enforcement.

* Three-day course

* Course material

* Discover good practices