November 19, 2009
EventTracker 6.4 seamlessly spans physical and virtual IT systems for end-to-end security and compliance visibility
Columbia, MD – Prism Microsystems, developers of the EventTracker solution that provides turnkey Security Information and Event Log Management (SIEM) capabilities to the midsize enterprise, today announced the immediate availability of EventTracker 6.4. In an industry first, the new version extends SIEM features to all layers of the virtual infrastructure to help companies instantly detect compliance violations and security breaches in the new dynamic data center.
EventTracker 6.4 fills a critical gap in the virtual security market left open by traditional SIEM/Log Management solutions that are unable to see beyond the veil of virtualization. Critical items such as privileged user activity or the flow of data between virtual machines on a single host need to be monitored for compliance and to ensure defense in depth. However, security designed for physical computing environments is unable to provide such granular insight into the virtual environment. EventTracker 6.4 addresses this concern by monitoring and correlating log data in real time at all layers of the virtual infrastructure, including the management application, the hardware, the barebones hypervisor, the guest OS and applications, for deep security awareness.
“Virtualization has gone mainstream. Although the benefits are numerous, the accompanying challenges of visibility, control and added complexity require businesses to change the way they manage security. With EventTracker 6.4, our customers are not only ensured a powerful solution for securing their virtual infrastructure, they also benefit from seamless monitoring across both physical and virtual systems for enterprise-wide compliance and security visibility,” said A.N. Ananth, CEO of Prism Microsystems. “This latest innovation further strengthens our commitment to providing the industry’s most comprehensive SIEM solution.”
Also in the new release is a feature referred to as Enterprise Activity Monitoring (EAM). This new capability provides a dashboard that identifies any new or out-of-the-ordinary behavior by user, admin, system, process and IP address to detect hitherto unknown attacks such as zero-day breaches and malware. While standard correlation engines require knowledge of a condition to write a rule, EAM uses statistical and behavioral correlation to identify anomalies and help security personnel answer the question – “What don’t I know that can hurt me?” The combination of the correlation engine and EAM makes EventTracker particularly well suited for defense against a wide variety of security risks.
“I haven’t seen other vendors implement the ability to monitor activity by running process with much success. EventTracker 6.4 excels at this. It uses behavior analysis to alert you to the presence of any new process in your environment. This lets it detect the installation of inappropriate software, enhancing your incident response team’s ability to identify compromised machines,” said Andrew Hay in a review of EventTracker 6.4 for Network Computing Magazine.
About Prism Microsystems
Prism Microsystems delivers business-critical solutions that transform high-volume cryptic log data into actionable, prioritized intelligence that will fundamentally change your perception of the utility, value and organizational potential inherent in log files. Prism’s leading solutions offer Security Information and Event Management (SIEM), real-time Log Management, and powerful Change and Configuration Management to optimize IT operations, detect and deter costly security breaches, and comply with multiple regulatory mandates.
Visit www.eventtracker.com for more information. Follow us on Twitter @logtalk.