CYBANETIX LIMITED

CALM SaaS (SIEM)

Cybanetix Advanced Log Manager (CALM) is a Security Information and Event Management (SIEM) solution that allows organisations to log all their IT infrastructure events to one platform and overlay threat intelligence and advanced security analytics to the events collected.

Features

• Security log collection from all infrastructure sources
• Correlation with user identity
• Correlation with threat intelligence
• Pre-built dashboards
• Log/Event Searching
• Alerting
• Forensics
• Option to integrate with Exabeam UEBA

Benefits

• Comply with security standards; PCI, Cyber Essentials, ISO27001, SPF
• Gain visibility into network activity
• Detect hacks and threats in real time
• Detect malicious or compromised users (inside threats)
• Investigate security incidents
• Report on threats
• Create business case for developing security strategy

£8.00 a user a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@cybanetix.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

699740325457473

Contact

Cybanetix Sales Team
020 8396 7442
sales@cybanetix.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Software updates and patching are carried out during planned maintenance windows, agreed with the customer.
• System requirements: Not applicable / vendor agnostic

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: UK based Support Desk operating 24/7/365; ; Standard (inclusive) response times are: ; ; Email: 1 hour response (Mon-Fri 08:00-18:00); Email: 8 hour response all other times; ; Telephone: Immediate response 24/7/365; ; Full outsourced Security Operations Centre (SOC) services are available offering 24x7x365 coverage along with enhanced response and support levels.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Standard (inclusive) support levels are:; ; 4 hour fix (Mon-Fri 08:00 to 18:00); 8 hour fix all other times; 24/7/365 UK Support desk contact by: Phone, Email, Web; ; 99.85% service availability, measured on a quarterly basis.; 99.95% availability of data storage, measured on a quarterly basis.; ; Full outsourced Security Operations Centre (SOC) services are available offering 24x7x365 coverage along with enhanced response and support levels.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: As part of the service, Cybanetix will assist customers by providing 1 day of Professional Services free of charge. This is to assist with on-boarding and configuring the service to ensure it is receiving data from the customers log sources and feeding that data into dashboards etc.; ; Full deployment and onboarding packages are available as part of a wider managed SIEM/SOC Service.; ; Onsite service familiarisation and operational training is available to customers.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: All customer data is removed from the platform and customer access is switched off.; ; Customers are able to back up their historical log/event database and subsequently extract that information upon termination of the service. The practicality of this is obviously subject to the amount of data to be extracted.
• End-of-contract process: The service will be switched off and decommissioned.; ; All customer information will be deleted.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: Yes
• Compatible operating systems:
  • Linux or Unix
  • MacOS
  • Windows
  • Other
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No difference
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Access to the CALM service is via a web based graphical user interface. ; ; Once logged in, customers have full access to their service.; Customers are not able to access the underlying software/source code.
• Accessibility standards: None or don’t know
• Description of accessibility: Access to the CALM service is via a web based graphical user interface. ; ; Once logged in, customers have full access to their service.; Customers are not able to access the underlying software/source code.
• Accessibility testing: No testing completed
• API: No
• Customisation available: Yes
• Description of customisation: CALM can be customised in accordance with a customers specific requirements for the service. Examples of this would include:; ; Tailoring of event and security logs; Customisation of dashboard widgets; Custom log sources; Bespoke reporting

Scaling

• Independence of resources: Each customer deployment of a CALM service is a completely separate instance.; ; Hosting resources are never oversubscribed and are partitioned according to the specific performance demands of a given customer.; ; The database and software architecture of CALM ensures that it scales horizontally, enabling Cybanetix to seamlessly manage and scale the allocation of resource in accordance to customer demand.

Analytics

• Service usage metrics: Yes
• Metrics types: Disk space usage; Service availability; Log volumes; High severity threats; Others available
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Subject to size, customer data can be exported in a variety of formats. Specific requirements can be discussed and agreed on a case by case basis.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Elastic Search snapshots
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Syslog
  • Gelf

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.85% service availability, measured on a quarterly basis.; ; 99.95% availability of data storage, measured on a quarterly basis.
• Approach to resilience: Available on request
• Outage reporting: Emails alerts and calls via the Support desk

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: The service supports implementation of Role Based Access Control (RBAC). This allows customers to control management access and permissions to need/role basis. ; ; Upon subscription to the service, Cybanetix will work the customer to identify and maintain a list of approved roles within the customers organisation.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 29/04/2020
• What the ISO/IEC 27001 doesn’t cover: Not applicable.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: URM Consultant Services Ltd
• PCI DSS accreditation date: 12/01/2022
• What the PCI DSS doesn’t cover: N/A
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • Cyber Essentials
  • ISO27001
  • PCI DSS

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials; PCI DSS; ISO27001
• Information security policies and processes: Cyber Essentials; ISO27001; PCI DSS

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Cybanetix maintains an internal Change Management board and defined Change Management Process. ; ; The Board is responsible for the assessment and approval/rejection of all submitted configuration and/or software changes to its services.; ; All approved changes must be subject to a clearly defined roll back and functional testing procedures. Where necessary, changes details will be notified to all affected customers and suitable maintenance windows will be agreed.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: As a Security Information and Event Management (SIEM) service, the gathering and analysis of threats and security intelligence information is inherent to the CALM service.; ; Threat Intelligence is gathered from a large number of external feeds, the details of which can be provided upon request.; ; Cybanetix uses internal vulnerability scanning tool to regularly scan and detect any vulnerabilities within the platform, and will carry out all security patching requirements at the earliest opportunity. The implementation of any urgent threat mitigation may be subject to an Emergency Change Control procedure.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Cybanetix has a fully managed Security Operations Centre (SOC), running a Security Information & Event Monitoring platform (CALM); ; Response to security events/incidents includes both automated and manual processes. Incidents are automatically categorized in terms of severity, with manual triage and investigation performed by the Cybanetix SOC.; Response is immediate 24/7/365.
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents (including faults, change requests and updates) should be raised to the Cybanetix support team, typically via email, phone or the customer support web portal.; ; Incident reports are made available via the customer self service portal or upon request to the Cybanetix support team.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity

  Fighting climate change

  Cybanetix is a carbon neutral company and takes active measures to reduce our carbon footprint. This includes investing in carbon reduction projects.

  Equal opportunity

  It is the aim of the Company to ensure that no employee or job applicant receives less favourable facilities or treatment (either directly or indirectly) in recruitment or employment on grounds of age, disability, gender / gender reassignment, marriage / civil partnership, pregnancy / maternity, race, religion or belief, sex, or sexual orientation (the protected characteristics).

Pricing

• Price: £8.00 a user a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Proof of Concept testing, includes:; Licensing & Hosting; 1 day professional services (to assist with setup/on-boarding); Technical support (for duration of POC); Time period - typically 2-4 weeks

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@cybanetix.com. Tell them what format you need. It will help if you say what assistive technology you use.