Komrad is a SIEM software product for IT infrastructure. It is designed for threat detection, alerting and incident response, as well as for maintaining compliance with security regulations.
- centralized collection and analysis of event logs from security facilities, workstations, servers and network equipment;
- remote configuration control and monitoring for workstations;
- alerting and incident response;
- maintaining compliance with security regulations, statistics collection and generating reports for compliance purposes.
- operates on a 64-bit CPU architecture (Intel x86-64); security event processing speed is up to 5000 EPS (events per second) on a single node of the network;
- supports a wide range of technologies for integration with data sources (security facilities, workstations, servers, network equipment), including Syslog, Syslog-ng, SNMPv2, SNMPv3, HTTP, SQL, ODBC, WMI, FTP, SFTP, Unix/Linux sockets, plain log, SSH, Rsync, Samba (NetBIOS), NFS, SDEE, RDEP, OPSEC, CPMI;
- generates the following reports: list of network devices, security events data storage, threat alerts, incident response, list of detected vulnerabilities, overall network status, availability of network devices, network statistics;
- provides integration with the following national secure platforms and security facilities: OS MSVS, OS Astra Linux, Scanner-VS, Firewall & IDS Rubikon, XSpider.
The Russian Ministry of Defense and the Russian Federal Service on Technical and Export Control certify Komrad.