Defence-grade SIEM for Government

State and national government agencies hold vast amounts of sensitive national information, including data about citizens and about their own IT assets and systems, so effective cyber security for government is paramount.

Whether you work for a Federal department or a local authority, you are responsible for the defence and protection of large quantities of sensitive data that can be a prime target for cyber-attacks.

Huntsman Security has served government agencies for well over a decade. Our monitoring and reporting meet multiple global regulatory, governance and compliance requirements.

Additionally, as a government listed supplier in the United Kingdom and in the Asia Pacific Region, our solutions are available on Government Digital Marketplaces in the UK and Australia.

Huntsman Security's Enterprise SIEM delivers:

Efficiency & functionality that provide:

  • Optimised process integration and workflows, to limit hand-offs between SOC processes
  • Local support, security cleared staff and specific in-house government expertise
  • Procurement flexibility should you wish to buy direct, through integrators or service providers

Defence-grade agility & security that integrates:

  • On-premise, cloud or hybrid environments
  • Clear and accurate visibility of relevant threats and security issues
  • Reliable compliance reporting for IT governance review
  • Advanced threat detection, incorporating real-time behaviour anomaly detection
  • Functionality across multi-classification networks

DOWNLOAD the MITRE ATT&CK® Framework Implementation Guide

  • What is MITRE ATT&CK®
  • How to use MITRE ATT&CK®
  • Mitigation and Control Reporting
  • Threat Detection and Response
  • The Benefits Of MITRE ATT&CK®

Learn the what, how and why of the MITRE ATT&CK® framework and its critical role in mitigation, detection and reporting on cyber security operations.
Huntsman Security’s SIEM features

Huntsman Security’s SIEM sits at the core of your Security Operations Centre (SOC) as a single, comprehensive, yet flexible multi-functional threat monitoring and response platform.


  • Real-time MITRE ATT&CK® heatmaps and threat summary, plus a GUI-driven query interface to optimise investigation and save time

  • Configurable alert rules and behavioural models, allowing the detection of the widest range of threats – including APTs

  • Centralised management & coordination of alerting rules, event collection, queries and reports for reliable security governance

  • Lifecycle visibility of alerts, threats and incident information for all stakeholders


  • Advanced, high-speed in-stream event processing, analytics and response decision making, with capacity in excess of 100,000 events per second

  • Behavioural anomaly detection using machine learning, to extend discovery beyond predefined patterns and signatures

  • Automatic collection and integration of multiple sources of Threat Intelligence, for enrichment, threat verification and orchestration, to speed up resolution of incidents and reduce false positives

  • Accelerated capacity for cyber security decision making with multiple views of attack information by users or endpoints, to pinpoint an asset/user at risk and quickly tailor a defence


  • Simple, yet flexible, deployment options and scalable data storage architecture

  • Support for virtualisation and cloud/on-premise deployment

  • Optimised for detection, correlation and reporting out of the box (OOTB), with an extensive range of inbuilt alerts for attacks, technology types and compliance standards

  • Support for a wide range of data sources and technology platforms (hundreds of technologies supported natively, and any additional data stream or source can be configured)

  • Broad range of pricing and licensing models to suit organisations of all sizes and complexity (including CapEx and OpEx subscription pricing)
