Benefits and Insights

Why use Log Management & SIEM?

Key differentiators & advantages of Log Management & SIEM

  • Alerting - Configure and receive automatic alerts based on customized event thresholds.
  • Event Correlation - Multiple forms of event correlation are available for all events, including statistical anomalies, associating IDS events with vulnerabilities, and alerting on 'first time seen' events.
  • Log Normalization - Normalize, correlate, and analyze user and network activity from log data generated by any device or application across the enterprise in a central portal.
  • User Monitoring - Monitor user activity. Associate events such as NetFlow, IDS detection, firewall log activity, file access, system error, or login failure with specific users for easy reporting and insider threat detection.
  • Full Log Indexing & Search - All logs are compressed and stored, whether they are normalized according to a rule or left raw. Using full-text search, you can rapidly search logs for keywords, user names, IP addresses, and many other terms. Log searches are stored with an independent checksum and can be re-launched at any time.
  • NetFlow Analysis - Each instance of the Tenable LCE includes agents for many different platform technologies. They can collect NetFlow traffic logs from routers, switches, and other network devices.
  • Malware Detection - The Tenable LCE Windows client monitors all processes running on Windows machines for malware processes, and can alert the security team if malware is discovered.
  • Network Content Analysis - Analyze network traffic in real-time with Tenable PVS. It produces an accurate vulnerability report and a real-time forensic log of network events such as shared files, DNS lookups, and social network activity.