NitroSecurity Enhances Real-time Security, Compliance with SIEM/Log Management Integration
NitroView V8.4 enables instant correlation of security events with specific log records
Note: ESJ’s editors carefully choose vendor-issued press releases about new or upgraded products and services. We have edited and/or condensed this release to highlight key features but make no claims as to the accuracy of the vendor's statements.
NitroSecurity, Inc. has released version 8.4 of NitroView Enterprise Security Manager (ESM) and Enterprise Log Manager (ELM) that provide strong integration between comprehensive log and security event management. The integration and new capabilities advance an organization’s ability to maintain full compliance without sacrificing real-time security responsiveness.
Ever-expanding regulatory requirements and compliance timeframes -- from PCI to HIPAA to NERC -- continue to widen the gap between log management and security information functions such as behavior analysis and forensics. The full integration of NitroView ELM takes advantage of the highest-performing SIEM engine on the market. It allows organizations to greatly improve IT security efficiencies and strengthens regulatory compliance while reducing post-event analysis and forensics from hours to seconds.
“Being able to quickly view the raw logs in one click from the parsed event is an essential innovation in SIEM/log management,” said Anton Chuvakin, author of the popular Security Warrior blog, and a recognized expert in log management systems. “The tighter the integration between log management and SIEM, the lower the costs will be across a wide variety of security and compliance operations.”
Version 8.4 also includes advanced geo-location tracking, the first SIEM to deliver this feature. The new capability provides a visual representation of where external activities, such as user/application traffic or security attacks aimed at systems, are geographically concentrated -- down to city/town ZIP codes or similarly specific locations. Seeing where events are occurring and how data is flowing helps SOC operators better understand the underlying nature of a threat, and determine potential courses of action.
“Log overload prevents many vendors from fully linking SIEM and log management. There are simply too many logs to fully parse and analyze, forcing security teams to make compromises about which log sources merit deep analysis,” said Eric Knapp, vice president of technology marketing for NitroSecurity. “ELM -- leveraging fast SIEM -- changes the game by providing deep analysis across all relevant logs, and immediate access to source log records. We've essentially eliminated the need to manually search through massive log files to investigate threats already detected by the SIEM. Because NitroView has the performance and scalability to bring these together, security teams can be significantly more efficient.”
NitroView V8.4 provides a unified workflow and “single-pane-of-glass” interface for all SIEM and log management functions.
NitroView V8.4 drills deep and monitors all traffic on the network up to the application layer, protocol use, and individual sessions. Using patented data storage and management technology for excellent performance, NitroView can collect and manage billions of events, logs, network activity flows, and even application content while maintaining the real-time analytics that are required for rapid incident response.
NitroView V8.4 is available now. More information is available at http://www.nitrosecurity.com.