eIQnetworks Combines GRC Audit Management, Security Information Management to Simplify IT Assurance

Integrated SecureVue platform adds comprehensive audit, network behavior anomaly detection, and 3D visualization to unify security, risk, and audit management

• By James E. Powell
• 11/05/2007

eIQnetworks, Inc. today released an update to its flagship SecureVue solution. SecureVue 3.0 adds governance, risk, and compliance (GRC) audit management, network behavior anomaly detection (NBAD), and 3D visualization to provide enterprises with an integrated security, risk, and audit solution that simplifies IT assurance.

“As IT and business operations teams become more skilled at identifying, analyzing, and remediating security issues, they will take on more and more security responsibilities,” wrote Paul Stamp, principal analyst at Forrester, in a recent report, Security Information Management Market Forecast, 2007 to 2011.

“Thus, it will become commonplace for information security teams to be more interested in setting and overseeing policy than with the specifics of its implementation. SIM will be the primary tool for enabling operations teams and security teams to collaborate on: turning business policy into specific configurations and requirements; assessing the risk of ongoing security issues; and coordinating the response to security incidents.”

The company says that by using eIQ’s integrated security, risk and audit platform, enterprises can:

• Reduce management complexity and cost

• Increase collaboration between NOC, SOC and compliance teams

• More quickly identify and remdiate hard-to-detect security incidents

• Improve enterprise-wide security, policy and compliance management, with support for COBIT, ISO 17799, ISO 27000, NIST 800-53, CA 1386, FISMA, GLBA, HIPAA, PCI-DSS, and SOX, among other regulations The company claims that SecureVue helps define, monitor, and measure overall compliance using:

• Knowledge Base Packs that streamline best practice and regulatory implementation by mapping requirements to specific IT controls

• Executive dashboards that display current and historical regulation, best practice, control, and policy trends

• Wizard-based mapping to accelerate building, approving, and maintaining ever-changing internal and external requirements %%Drilldown to quickly identify why, when, where, and how policy and audit violations occur and provides compliance-required information

• Audit Reports to present all relevant data to show compliancy to specific requirements

SecureVue’s GRC audit module uses a fully extensible architecture to organizations can establish internal policies, tailor business requirements, and add additional regulations and best practices.

SecureVue’s SIM module correlates log, vulnerability, configuration, asset, performance, and flow data across the enterprise. Enhancements in this release include:

• 3-D visualization supports millions of nodes and displays log data, security incidents, access control list effectiveness, profiler data, traffic patterns, node-specific traffic patterns and forensics detail in a graphical display

• NBAD profiles all NetFlow, C-Flow, S-Flow, and J-Flow data to identify and alert users to anomalies in resource utilization, application usage, and behavioral patterns

• A universal parser that collects and analyzes syslog data from any network device, system, or application

SecureVue 3.0 is available for both Linux and Windows platforms; base package pricing starts at $47,995. For more information on SecureVue, visit http://www.eIQnetworks.com/products/SecureVue.shtml.