Infrastructure protection from cyber attacks

Infrastructure protection by collecting and analyzing all traffic and events from on-premise and cloud infrastructures (e.g., Microsoft Azure/Entra). The system makes use of Eclexys' threat intelligence databases.


Kondra is a security monitoring solution that combines Security Information and Event Management (SIEM) and Network Security Monitoring (NSM) capabilities, providing organizations with a robust mechanism for anomaly detection and defense against potential cyber threats. The KONDRA solution also integrates with the Secure DNS service and provides real-time protection against phishing attacks by preventing browsing to malicious web services.

  • Ability to aggregate and analyze different data sets from various sources
  • Availability of Microsoft Windows event logs
  • Information about PowerShell scripts and commands executed on servers or destination nodes in the customer's infrastructure
  • Information on process creation, network connections, file creation, driver loading, log events
  • Comprehensive information on Active Directory
  • Monitoring interfaces on different network packets
  • Collection of intrusion detection system (IDS) alerts generated by network traffic
  • Firewall activity monitoring and data logs
  • Logs on Microsoft MS365 message management and trace activities
  • Cloud computing platforms and services such as Microsoft Azure
  • Monitoring of data from industrial control systems
  • Data and logs from other ad hoc services
  • Monitoring of various network protocols (HTTP, SSL, SSH, PSR, DCE_RPC, FTP, SOCKS, RADIUS, SMTP, SNMP, SIP, SMB, NTLM, Kerberos)


By collecting, analyzing, and correlating data from different sources, the proposed solution strengthens an organization's level of security by providing proactive threat detection, incident response, and a comprehensive view of the entire ICT landscape, encompassing both on-premise and cloud environments. The solution can also be used in a multiple-site architecture, enabling centralized data collection and analysis.


To meet regulatory and auditing requirements as well as customers' needs, reports on the status and behavior of the monitored architecture can be scheduled on a daily, weekly or monthly basis.


This software comes with a number of tools that can be useful during the analysis process, such as PCAP and EVTX (Windows log format) analysis tools, the ability to schedule complete packet capture at a specified interval, and resource inventory. The solution also allows for customizations and extensions to meet customer needs.
