Log Management

SurePassID provides a 360° view of user access with full MFA audit trail and advanced log management

   Real-time monitoring via syslog
   Comprehensive logging for AI-based risk assessment and threat detection
   Integrations with security information, event management, security orchestration, automation, and response tools

TALK TO AN EXPERT

Laptop and iPhone App
Log Management

Syslog

System Logging Protocol (syslog) is a standard protocol used to send system log or event messages to a specific server, called a syslog server. Syslog is used for system management and security auditing, as well as general informational, analysis, and debugging messages. Syslog is defined in RFC 5424, The Syslog Protocol.

SurePassID Authentication Server uses Event Log Synchronization (ELS) to securely pull MFA audit trail events and store them in a syslog. ELS filters specify the MFA event types that are eligible to be pulled. The ELS application is installed on your servers and is a component of the SurePassID Local Agent.

The following MFA event types can be synchronized to a syslog: Severe, Warning, Success, Action Required, and Informational. The Event Log Sync Application uses https for transport security by default. If more security is needed, PKI and X.509 certificates can be used.

Syslog1
Log-Management3
Log Management

SIEM and SOAR integration

Security Information and Event Management (SIEM) or Security Event and Information and Management (SEIM) tools collect log and event data that is generated by host systems, security devices, and applications and collate it on a centralized platform. SIEM/SEIM tools sort the data into categories, such as ransomware activity, failed and successful MFA logins, and other potentially malicious activity. When SIEM/SEIM tools identify a potential security issue, an alert is generated, triggering an automated or human response based on security policies.

Security Orchestration, Automation and Response (SOAR) platforms are a collection of security software solutions and tools for browsing and collecting data from a variety of sources. SOAR solutions then use a combination of human and machine learning to analyze this diverse data in order to comprehend and prioritize incident response actions.

SurePassID Authentication Server uses Event Log Synchronization (ELS) to securely pull MFA audit trail events and integrate them with an SIEM or SOAR tool. ELS filters specify the MFA event types that are eligible to be pulled. The ELS application is installed on your servers and is a component of the SurePassID Local Agent.

The following MFA event types can be synchronized to a SIEM or SOAR tool: Severe, Warning, Success, Action Required, and Informational. All SIEM and SOAR integrations use https for transport security by default. If more security is needed, PKI and X.509 certificates can be used.

FAQ

Frequently asked questions about SurePassID

What are SurePassID's deployment modes?

  • Software-as-a-Service (SaaS Public, SaaS Private)
  • Windows Installer Package (Microsoft Windows Server 2012-2022, any edition, and Microsoft Windows 8-11)
  • Virtual Machine (Microsoft Hyper-V)
  • Container Image (Docker/Kubernetes, Microsoft ACI, Amazon ECS)
  • Embedded (Windows 7 or later, Linux OpenEmbedded for 32/64-bit ARM/PPC/MIPS/x86)
  • Secure Element (NXP EdgeLock SE050/SE051, NXP A71CH/A71CL/A1006)

How long does it take to deploy SurePassID?

Cloud deployments can occur same day.

On-premise and air-gapped deployments will vary depending on the complexity of your requirements.

Regardless, our Customer Success team will be with you every step of the way.

Can SurePassID integrate with my IAM solution?

As a SAML 2.0 IdP, SurePassID easily and seamlessly adds MFA to any existing IAM solution, such as Okta or Ping Identity.

SurePassID also integrates with Third-Party directory services, such as Workday, Oracle, and SAP.

We even integrate with legacy SCADA systems that have built-in user directories.

What makes SurePassID better than other MFA solutions?

  1. Unmatched on-premise and air-gapped capabilities
  2. Outstanding technical support
  3. Unbeatable value

How secure is SurePassID?

SurePassID is the most hardened MFA solution on the market. We never stop innovating to protect our customers from evolving cyberthreats.

  • USA company
  • Secure SBOM (Software Bill of Materials)
  • Secure user and token provisioning (QR code to one-time-use provisioning page)
  • Comprehensive logging and audit trail
  • FIPS 140 mode
  • AES 256 encryption for data at rest
  • SHA 256 or SHA 512 encryption for data in iransit
  • And much more...

How much does SurePassID cost?

Visit https://www.surepassid.com/pricing for a complete guide to SurePassID Authentication Server pricing and features.

testtest18
DETAILS

Discover why leading enterprises choose SurePassID

Talk to one of our MFA experts about your unique requirements. Or request a demo and see how easy it is to secure your universe of apps with SurePassID Authentication Server.