PLATFORM ♡
A platform evolved beyond SIEM into XDR
Connect server, PC, and web logs to see threats in context.
Security Information & Event Management (PLURA - SIEM)
Traces of threats live in logs.
Check both: enable audit policies, and collect request/response bodies (Post/Response).
Check both: enable audit policies, and collect request/response bodies (Post/Response).
Without audit policies, no logs remain,
and many solutions do not analyze bodies.
PLURA correlates even body-inclusive logs to automate Collect → Detect → Respond → Evidence.
and many solutions do not analyze bodies.
PLURA correlates even body-inclusive logs to automate Collect → Detect → Respond → Evidence.
Real-time dashboards & automated reports (management summary included)
Context analysis via MITRE ATT&CK mapping of tactics & techniques
Anomaly detection through correlation across servers, PCs, networks, and security devices
Request/response body analysis to catch data exfiltration and evasive injections early
Response to APT and ransomware
Full support for Windows (Server/PC), Linux/Unix, and macOS
Detect & mitigate unknown/zero‑day attacks
AI SecOps automation: triage → isolation/block → replay & evidence, with remote SOC linkage
- Features
- Supports Zero Trust Architecture (ZTA)
- Detect anomalies by integrating and analyzing security/network devices + servers/PCs + web header/body/app logs
- Detect advanced persistent threats (APT) and ransomware
- Detect account takeover attacks such as credential stuffing
- Deep analysis of web request bodies (Post) and response bodies
- Detect SQL injection, web shells, and cross-site scripting (XSS)
- MITRE ATT&CK mapping, real-time dashboards, and automated reports
- AI SecOps automation: triage → isolation/block → replay & evidence
- Notifications via Jandi, Telegram, LINE, and Google Chat
- Integration Features
- Analyze logs by integrating with public AI (ChatGPT, Gemini, Claude)
- Perform reputation lookups by integrating with public TI (VirusTotal, AbuseIPDB, MalwareBazaar)
- Web firewall integration (PLURA‑WAF)
- Host/endpoint security integration (PLURA‑EDR)
- Meta analysis of access IP, login, and URL
- Heterogeneous log correlation (SIEM/XDR)
- Syslog integration with third‑party security devices/solutions
- Detection alerts via webhooks, ChatOps, and ticketing (Jira/ServiceNow, etc.)
- Full log collection, analysis, and long‑term retention (retention policy/archive)
- Target Systems & Log Types
- Windows Server: Event Logs, Sysmon
- Linux Server: Syslog, Audit logs
- Unix Server: Syslog, Audit logs
- macOS: Unified Log (diagnostic/system), OpenBSM Audit logs
- Web Server: MS IIS, Apache HTTPD, Tomcat, NGINX, Node.js, Spring Boot, etc.