Discover and mitigate network intrusions and data breaches early to avoid losses.
Including 10.2-10.3.6, 10.4.2b, 10.5-10.5.5, 10.6, 10.7, 11.5.
Collects and normalizes event data from network devices, computers and applications then uses sophisticated rules engine to identify threats, unusual user activity or system and network problems.
Easy-to-use management interface allows you to drill through to interrogate detailed event information.
Encompasses three core elements required to achieve compliance and deliver value: analysis, reporting and actions.
Use the analysis functionality to interrogate events in greater detail and investigate suspicious activity.
Draw from the comprehensive suite of standard reports or use reports specific to compliance standards such as PCI DSS, Government Codes of Connection and ISO27K.
File Integrity Monitoring and Network IDS Correlation
With FIM, changes to files, directories or the registry generate events that can trigger alerts. Events from network IDS solutions can be correlated with vulnerabilities using CVE references, alerting users to any device at risk.
Wireless Intrusion Detection System
A passive solution designed to identify potential rogue access points connected to the local area network that bypass security controls.
Actions & Workflow
Platform-wide Actions functionality allows activities, such as remediation or follow-up investigations, to be allocated to an individual or groups.