SOURCE: NitroSecurity

NitroSecurity

January 19, 2010 09:00 ET

NitroSecurity Advances Real-Time Security and Compliance With Industry's Deepest SIEM/Log Management Integration

NitroView V8.4 Sets New Benchmark by Enabling Instant Correlation of Security Events With Specific Log Records; Adds Unique Geo-Location for "Hot Spot" Event Visibility

PORTSMOUTH, NH--(Marketwire - January 19, 2010) - NitroSecurity, Inc., the leader in high-performance, content-aware security information and compliance management solutions (SIEM), today announced Version 8.4 of NitroView Enterprise Security Manager (ESM) and Enterprise Log Manager (ELM) that provide an unprecedented level of integration between comprehensive log and security event management. The integration and new capabilities advance organizations' ability to maintain full compliance without sacrificing real-time security responsiveness.

Ever-expanding regulatory requirements and compliance timeframes -- from PCI, to HIPAA, to NERC -- continue to widen the gap between log management and security information functions like behavior analysis and forensics. Unlike SIEM "suites" from other vendors, the full integration of NitroView ELM takes advantage of the highest performing SIEM engine on the market. It allows organizations to greatly improve IT security efficiencies and strengthens regulatory compliance while reducing post-event analysis and forensics from hours to seconds.

"Being able to quickly view the raw logs in one click from the parsed event is an essential innovation in SIEM/log management," said Anton Chuvakin, author of the popular Security Warrior blog, and a recognized expert in log management systems. "The tighter the integration between log management and SIEM, the lower the costs will be across a wide variety of security and compliance operations."

Version 8.4 also includes advanced geo-location tracking, the first SIEM to deliver this feature. The new capability provides a visual representation of where external activities, such as user/application traffic or security attacks aimed at systems, are geographically concentrated -- down to city/town zip codes or similarly specific locations. Seeing where events are occurring and how data is flowing helps SOC operators better understand the underlying nature of a threat, and determine potential courses of action.

"Log overload prevents many vendors from fully linking SIEM and log management. There are simply too many logs to fully parse and analyze, forcing security teams to make compromises about which log sources merit deep analysis," said Eric Knapp, vice president of technology marketing for NitroSecurity. "ELM -- leveraging the world's fastest SIEM -- changes the game by providing deep analysis across all relevant logs, and immediate access to source log records. We've essentially eliminated the need to manually search through massive log files to investigate threats already detected by the SIEM. Because NitroView has the performance and scalability to bring these together, security teams can be significantly more efficient."

NitroView V8.4 provides a unified workflow and "single pane of glass" interface for all SIEM and log management functions. Other SIEM solutions store and manage raw logs in a log management application, while correlation and analytics are performed by a separate SIEM application. When those SIEM offerings detect a threat, they can at best point the user to a source log file. However, log files can contain megabytes of irrelevant event activity, and require long hours from security personnel to search for relevant items.

As the latest version of the industry's first and only Content Aware SIEM, NitroView V8.4 drills deep and monitors all traffic on the network up to the application layer, protocol use and individual sessions. Using patented data storage and management technology that smashes performance barriers plaguing other SIEM providers, NitroView is able to collect and manage billions of events, logs, network activity flows, and even application content -- while maintaining the real-time analytics that are required for rapid incident response.

NitroView V8.4 is available now.

For more information visit http://www.nitrosecurity.com or call 888-LOG-SIEM.

About NitroSecurity

NitroSecurity develops award-winning security information and compliance management solutions that protect business information and infrastructure. NitroSecurity solutions reduce business risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. Utilizing the industry's fastest analytical tools, NitroSecurity identifies, correlates and remediates threats in minutes instead of hours, allowing organizations to quickly mitigate risks to their information and infrastructure. NitroSecurity serves more than 500 enterprises across many vertical markets, including healthcare, education, financial services, government, retail, hospitality and managed services. For more information, please visit http://www.nitrosecurity.com.

Contact Information