EventTracker Enterprise is the most comprehensive Security Information and Event Management (SIEM) solution available on the market today. EventTracker automates the collection and storage of all enterprise event logs, network flow data, change and configuration audit records, and provides powerful tools to analyze the data to increase overall security, improve operational performance and help meet compliance mandates.
For a complete description of the EventTracker architecture, go to How It Works.
EventTracker provides a unique combination of capabilities, including:
Risk-based Alerting
- Real-time alerts for critical events such as security breaches or performance problems
- Support for an unlimited number of rule-based alerts with customizable event prioritization
- Support for event-fired automated remedial actions for all events
Analytics and Reporting
- Easily report on all event data, scheduled or ad-hoc
- Create and generate meaningful reports
- Use over 2000 pre-defined report templates for security, compliance and operations
- Easily and quickly search and analyze all event data in real-time or as part of a post-incident forensics process
Behavior Analysis
- Automated monitoring of unusual activities and anomalies using dynamic statistical and behavioral correlation
- An extra "set of eyes" as an additional early warning security system
Search
- Search through terabytes of log data using a Google-like search interface
- High-speed indexed search of all log file data
- Thousands of prepackaged queries for generic categories such as "logon"
Configuration Assessment
- Certified FDCC/SCAP scanner automates configuration scans
File Integrity Monitoring
- Monitor the Windows file system and registry to detect undesired modifications caused by hackers, malware or even simple user error
Network Monitoring
- View of all network events and FLOW data integrated with system, application and user log data