Cumulo

Unified SOC Platform


Features

Cumulo is our SOC platform, built and maintained in-house, which we use to deliver our Protective Monitoring and SOC Service. We've designed Cumulo around the SOC Analyst, supporting their work in making your business and ours more secure by delivering our 24/7 Always On detect and respond capability. Cumulo acts as a standalone Security Information and Event Management (SIEM) tool with Security Orchestration, Automation and Response (SOAR) capabilities, whilst integrating with whatever technology needs to be monitored to provide a single lens into your business and give Analysts a single point of truth for investigation and incident response.

  • A centralised, all-in-one, analyst-focussed cyber defence platform
  • Full packet capture environment with IDS, including deep packet inspection
  • Automation and orchestration capabilities
  • SIEM, with log and event correlation
  • Transparent and open - used by both the SOC and the customer, with full access to data

Cloud Infrastructure

We can monitor all major cloud infrastructure platforms, covering a large range of tools and technologies within them. For some tools Cumulo has ‘2-way integrations’, allowing e2e and our customers to not only ingest logs and network traffic to monitor, but also interact with the tool from Cumulo, eliminating the need to work from multiple tools, with Cumulo being the single lens into your network.

Other Integrations

Cumulo integrates with a host of other tools to receive logs and network traffic in order to fully monitor everything from your SIEM to your firewalls and infrastructure hardware, from SaaS tools to devices and EDR products.

Below are lists of some of the integrations we currently have. These are not exhaustive: if the product you’re looking for isn’t listed, there’s a chance it already has an integration with Cumulo, is in progress now, or can be integrated within weeks. Contact us if you’d like to enquire about one of your critical tools to improve your MDR and XDR capabilities.

In addition to monitoring the tools listed, Cumulo stores threat intelligence to improve business context and continuity and to shape specific playbooks and use cases for e2e and customers. We use a mixture of open and closed sources for our threat intelligence, as well as working with customers to run threat workshops to help identify and plan for known threats. On top of this, e2e also proactively look for zero-day exploits through our network monitoring.

Anything else?

The above is an ever-growing list. If what you are looking for isn’t here, it may already be in progress, or we can integrate it for you. Don’t hesitate to contact us for details.