cWatch Security Information and Event Management System (SIEM)
An artificial intelligence-based system that monitors your website traffic to identify and block attacks in real time
A firewall is only as good as the brain behind it. Basic firewalls have a list of rules they use for blocking dangerous requests, but this is insufficient to keep your website protected against the latest attacks that hackers use.
That's why cWatch Web includes the Comodo Security Information and Event Management System (SIEM) that monitors your traffic and instructs the firewall (in real time) what to block.
With cWatch Web, Comodo and its team of seasoned security specialists keep 24/7 vigil over your website from the Cyber Security Operations Center, monitoring, assessing, and defending.
How does the SIEM identify and block dangerous requests?
The cWatch Web SIEM identifies threats for the firewall to block - all in real time. This means that hackers are blocked before they even reach your website. Here's how the SIEM knows which requests are from valid visitors and which are hackers:
- Database of 18,000+ known threats. Our SIEM uses a continually updated database that includes over 18,000 different threats and vulnerabilities:
- vulnerabilities in software, plugins, etc.
- possible attack vectors
- known attack footprints
- malware signatures
- IP addresses associated with known bad actors
- IP addresses associated with other attacks
- and many more...
- Zero-day / virtual patches. One of the greatest risks your website faces is a brand-new exploit that hasn't yet been patched. No need to wait until the software creator releases a patch - our SIEM works in conjunction with our CSOC team to virtually patch new exploits (via our firewall) within moments of the exploit being exposed.
- Data from 85,000,0000+ end points. Comodo software protects over 85 million computers and websites around the world. Attack data is logged, processed, and funneled back to the Comodo SIEM. This allows the SIEM to identify attack trends and update your website firewall to block them in real-time!
- 24/7 Cyber Security Operations Center (CSOC). Our team of GIAC-certified cybersecurity analysts directly manages the SIEM 24/7 to fine-tune the SIEM's logic for blocking attacks. In the rare case when an attack slips past the SIEM/firewall, a security analyst will immediately step in to remediate the issue.
- Detailed rules for popular website software. Our SIEM has additional protection rules specifically designed for popular web applications - including WordPress, Joomla, Drupal, and MODX.
- Machine learning algorithms. Using a firewall with static security rules means you're waiting for a hacker to find their way past the rules. That's why cWatch uses machine learning and artificial intelligence to monitor your website and adapt your firewall to stay ahead of hackers.
- Your custom settings. After logging into the cWatch panel, you can set a variety of custom rules to tell the cWatch SIEM what traffic you want to allow to your website and what traffic you want to block. For example, you could instruct cWatch to block any attempts to login to WordPress Admin that don't come from your IP address.
Ready to get started?
Start My Free 30 Day Trial Compare Plans