Intelligent Event and Network Data Monitoring System for Security Threat Detection

In today’s information systems, log data (logs) generated by critical processes such as internal and inter-organizational electronic communication traffic, system management, and access transactions play a crucial role in ensuring the traceability, auditability, and security of IT infrastructures. Expanding network structures, increasing user diversity, the interconnectedness of systems, and the proliferation of external access are driving the need to collect, classify, centrally store, and analyze log data. Existing solutions often only store log data and allow for limited analysis. Consequently, system administrators either receive delayed information on system performance, network health, access control, and event tracking, or are forced into manual, time-consuming analysis made harder by redundant data. This reduces the sustainability of system security and delays the response to critical incidents.

SENTRY enables the creation of an integrated system that centrally collects, standardizes, and categorizes log data generated from various sources within corporate information technology infrastructures, and converts it into meaningful information. The system features a modular, scalable, and adaptable software architecture that enables the processing of data from network devices, servers, access control systems, firewalls, and similar information systems. With the system, organizations can access log records in a timely, organized, and meaningful manner, increasing operational efficiency, streamlining audit processes, and strengthening the manageability of the information systems infrastructure. Furthermore, the system is designed to be applicable across different sectors and organizational types, including public institutions, educational institutions, the healthcare sector, energy production facilities, and large-scale private companies.
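To make the "collect, standardize, categorize, convert into meaningful information" pipeline concrete, here is an added illustrative example; it is not SENTRY code and says nothing about SENTRY's actual schema or parsers. It assumes three hypothetical sources (an sshd syslog line, a comma-separated firewall export, and a web-server access log), all sample lines are constructed, and the common schema, category names and the cross-source correlation rule are the example's own choices. It also shows the edge case a central collector has to handle: a line that does not parse is counted as rejected rather than silently dropped or allowed to abort the batch.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines from three hypothetical sources (not real data).
SAMPLE_LOGS = [
    ("syslog", "Mar 10 08:01:12 srv01 sshd[2211]: Failed password for root from 10.0.0.5 port 51022 ssh2"),
    ("syslog", "Mar 10 08:01:15 srv01 sshd[2211]: Accepted password for alice from 10.0.0.7 port 51030 ssh2"),
    ("firewall", "2024-03-10T08:01:20Z,fw01,DENY,10.0.0.5,192.168.1.10,445,tcp"),
    ("firewall", "2024-03-10T08:01:21Z,fw01,ALLOW,10.0.0.7,192.168.1.20,443,tcp"),
    ("webaccess", '10.0.0.9 - - [10/Mar/2024:08:01:30 +0000] "GET /admin HTTP/1.1" 403 512'),
    ("webaccess", "this line is corrupt and must be counted, not crash the pipeline"),
]

SYSLOG_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) (?P<host>\S+) (?P<proc>[^\[:]+)(?:\[\d+\])?: (?P<msg>.*)$")
WEB_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) \d+')
IP_RE = re.compile(r"\bfrom (\d{1,3}(?:\.\d{1,3}){3})\b")


def normalize(source, line):
    """Map one raw line onto the common schema; return None when it does not parse."""
    if source == "syslog":
        m = SYSLOG_RE.match(line)
        if not m:
            return None
        ip = IP_RE.search(m["msg"])
        if m["msg"].startswith("Failed password"):
            category = "auth_failure"
        elif m["msg"].startswith("Accepted"):
            category = "auth_success"
        else:
            category = "other"
        return {"source": source, "host": m["host"], "src_ip": ip.group(1) if ip else None,
                "category": category, "detail": m["msg"]}
    if source == "firewall":
        parts = line.split(",")
        if len(parts) != 7:
            return None
        ts, host, verdict, src, dst, port, proto = parts
        return {"source": source, "host": host, "src_ip": src,
                "category": "network_deny" if verdict == "DENY" else "network_allow",
                "detail": f"{proto}/{port} to {dst}"}
    if source == "webaccess":
        m = WEB_RE.match(line)
        if not m:
            return None
        status = int(m["status"])
        return {"source": source, "host": None, "src_ip": m["src"],
                "category": "web_forbidden" if status in (401, 403) else "web_access",
                "detail": m["req"]}
    return None


def ingest(records):
    """Normalize every line; count unparsable lines per source instead of dropping them silently."""
    events, rejected = [], Counter()
    for source, line in records:
        ev = normalize(source, line)
        if ev is None:
            rejected[source] += 1
        else:
            events.append(ev)
    return events, rejected


def category_counts(events):
    """Per-category totals: the first 'meaningful information' an operator wants."""
    return Counter(ev["category"] for ev in events)


def cross_source_suspects(events):
    """Source IPs that appear in a negative category in more than one log source.
    Correlation across sources is only possible because the records share one schema."""
    negative = {"auth_failure", "network_deny", "web_forbidden"}
    seen = defaultdict(set)
    for ev in events:
        if ev["category"] in negative and ev["src_ip"]:
            seen[ev["src_ip"]].add(ev["source"])
    return sorted(ip for ip, srcs in seen.items() if len(srcs) > 1)


if __name__ == "__main__":
    evs, rej = ingest(SAMPLE_LOGS)
    print(category_counts(evs))
    print("rejected per source:", dict(rej))
    print("seen negatively by more than one source:", cross_source_suspects(evs))
```

On the constructed input, `10.0.0.5` is the only address that both failed an SSH login and was denied by the firewall, so it surfaces from the correlation step, while the corrupt web-log line shows up as a rejection count that an operator can monitor as a parser-health signal.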

R&D activities continue at Bilkent CyberPark.