Prism Microsystems Announces Deep SIEM Support for Virtual Infrastructures

EventTracker 6.4 seamlessly spans physical, virtual IT systems for end-to-end security and compliance visibility

• 11/30/2009

Prism Microsystems has released EventTracker 6.4 which extends SIEM features to all layers of the virtual infrastructure to help companies instantly detect compliance violations and security breaches.

EventTracker 6.4 fills a critical gap in the virtual security market left open by traditional SIEM/log management solutions that are unable to see beyond the veil of virtualization. Critical items such as privileged user activity or the flow of data between virtual machines on a single host need to be monitored for compliance and ensuring defense in depth. However, security designed for physical computing environments is unable to provide such granular insight into the virtual environment. EventTracker 6.4 addresses this concern by monitoring and correlating log data in real-time at all layers of the virtual infrastructure including the management application, the hardware, the barebones hypervisor, the guest OS and applications, for deep security awareness.

Also in the new release is a feature referred to as enterprise activity monitoring (EAM) that provides a dashboard that identifies any new or out-of-ordinary behavior by user, admin, system, process, and IP address to detect hitherto unknown attacks such as zero-day breaches and malware. Although standard correlation engines require knowledge of a condition to write a rule, EAM uses statistical and behavioral correlation to identify anomalies and help security personnel answer the question: “What don’t I know that can hurt me?” The combination of the correlation engine and EAM make EventTracker particularly well-suited for defense against a wide-variety of security risks.

EventTracker 6.4 is now available. Download a free trial or learn more at www.prismmicrosys.com.