FAQ

What is empow’s licensing model?

empow’s platform is priced according to the number of hosts (desktops, laptops, servers, virtual hosts), not the amount of data (events per second).  In this way pricing stays predictable and we prevent the cost creep common with other SIEMs.

Volume-based pricing is offered in 1,000-host increments, so the per-host charge comes down the more you license.

Our annual subscription includes software, premium support, version updates and plugins.

All empow licenses include an Elastic Platinum subscription, with all the great features and support of a high-performance search engine and data lake.

How do I know which of your products - SIEM or XDR - is relevant for me?

If you’re looking for either your first SIEM or to replace your current SIEM, then i-SIEM is a great option.

If you already have a SIEM that you’re satisfied with, but would like to reduce your spend and increase its operational efficiency, then i-XDR is for you. i-XDR uses patented automation technology to eliminate false positives, reduce noise, and take much of the manual effort out of your current SIEM – while saving you money.

I already have a SIEM. Do I need empow?

Yes. Even if you are satisfied with your current SIEM and plan to continue using it, our i-XDR solution will lower the cost and improve the effectiveness of your SIEM and security platform. We use advanced automation to lower the false-positive rate by 90%, so less data is fed into your SIEM, lowering its cost significantly. Allowing your SOC team to focus on only high-risk attacks helps better protect your organization from attack and reduces time to respond.
Read more about i-XDR.

We use Splunk. What added value can empow bring me?

Many organizations around the world use Splunk as their SIEM for security monitoring, advanced threat detection, incident investigation and forensics, incident response, SOC automation and a wide range of security analytics and operations use cases.

With empow, Splunk users can leverage the empow AI, NLP, and machine learning to pre-process data and save money on Splunk ingestion costs.  empow adds a layer of intelligence (without any rule writing) and connects to Splunk, sending only clean, classified, and normalized data, removing the log noise, so the Splunk data lake stays clean and optimized.

I need a SIEM. How many people are needed to manage empow?

Many clients use less than one security team member or analyst to manage the i-SIEM. Thanks to automation technologies, the number of alerts that will require your attention is dramatically lower with i-SIEM, and together with dashboards that are easy to use and manage, management is much faster and easier than with other SIEM solutions.

For more on our automation technologies, visit our product page.

Does empow come with MSSP services?

Not from empow, but they can be contracted through our partners.

empow is a software solution that you can run on-premises or in the cloud. We have partnered with Modern Grid Partners and other MSSP providers to jointly provide a service that includes both the i-SIEM and SOC management.

However, if you’re considering MSSP services because you believe you don’t have a large enough team to manage a SIEM solution in house, think again.  empow’s platform can be managed by less than one security analyst.

How does empow provide customer support?

empow provides T1-T4 production support, including unlimited support requests/tickets, and 24x7x365 support.

Support requests have 4 levels of severity, with a one-hour response time for the most critical issues.

empow’s support team is assigned Elastic T3 support engineers who provide Elastic Platinum-level support for all empow client requests involving Elastic Stack issues.

Is empow’s i-SIEM offered on prem or in the cloud?

empow’s i-SIEM is usually implemented on the customer’s premises. It can also be implemented on your preferred cloud platform under your own subscription. Alternatively, empow can work with you to build the solution in AWS or Azure under a SaaS model. Please contact us for details.

Do you recommend a technology test (PoC) before we buy?

Yes. empow will install and test the system in your environment and allow you to operate it for 30 days. If at any time during those 30 days you want to return the system for any reason, you will get a full 100% refund. We want you to be completely comfortable with its performance, features, and operation. During this time we perform training and knowledge transfer for you and your staff.

How do I get the process started?

After a brief discovery and demo call we will send you a short survey on what you are trying to connect in your environment.  We’ll work on the technical parts while in parallel we develop the business case on how much you will save (time and money) given your current situation.  A price quotation and deployment plan will follow to allow you to determine how to proceed. For smaller environments, this can take only a few days.

How long do I need to wait to start to see value?

In contrast to other SIEMs, which take months or years to implement and use effectively, empow can be implemented and operational in less than a few weeks.

You should start seeing value immediately, depending on the number of sources you connect – for us, the more the better (and at no additional cost to you)! This is thanks in part to our security abstraction model, which translates all the events into the MITRE ATT&CK™ framework and allows us to easily apply our cause and effect model to find the correlations for you. And all with NO RULES needing to be written.

How does Elastic fit into this and what is the benefit?

empow uses Elastic as its data search engine.

Elastic is the leading data search company, with over 300,000,000 open-source users and over 9,000 customers. empow is the only SIEM company which Elastic chose to partner with in a strategic and commercial integration.

Every empow license includes Elastic’s full Platinum subscription. The integration between data search and i-SIEM is therefore much faster and easier, and includes empow’s UEBA and NTA, Network DPI agents, Threat Intelligence, and the automatic prioritization of threats based on empow’s cause and effect analytics model.

The partnership also brings a lower total cost of ownership (TCO) for organizations, providing both a Data Lake data search capability and a Next-Gen SIEM in one package. Included with the empow licenses you will get all of Elastic’s Platinum features, the X-Pack and support.

What’s the difference between empow’s i-SIEM and the SIEM that Elastic is offering?

empow’s i-SIEM and the Elastic SIEM APP are complementary to one another.

Elastic offers an open-source hunting tool that is manual in its functionalities and capabilities. empow’s i-SIEM brings the necessary automation tools, as well as built-in threat intelligence, UEBA, DPI (Deep Packet Inspection) & NTA engines, that enable the platform to bypass correlation rule writing and lower the number of false positives and the burden on the security team.

To read more about how empow’s i-SIEM and the Elastic SIEM work together and how they differ, click here.

How can I see a demo?

Contact us and we’ll be happy to hop on a call with you and provide additional information and a demo.