May 24, 2019
Enhanced SIEM offering aimed at helping security teams detect and react to threats
Channelnomics Staff
SolarWinds this week launched a replacement for its log and event management offering in an effort to give security pros better real-time SIEM features with added visibility into cybersecurity posture and more ways to automate recurring activities.
The Lowdown: The new SolarWinds Security Event Manager can collect and normalize event logs generated across on-premises networks and systems for analysis in a central repository. SEM comes with an integrated threat intelligence feed and automation features that should help security teams speed threat detection, response, and reporting.
The Details: Specifically, the new SolarWinds SEM offering features:
>Events Console: New HTML5 interface provides real-time and historical viewing, searching, and filtering of log data for identifying suspicious and malicious activity.
>Rules Console: Lets security analysts build and manage correlation rules to identify, alert on, and automatically respond to attacks.
>Node and Connector Management Console: Simplifies the addition of new log sources and management of existing sources.
>File Integrity Monitoring Filter Exclusions: Reduces noise associated with file integrity monitoring and improves threat-detection accuracy.
The Buzz: “In today’s rapidly evolving threat landscape, IT and security professionals are faced with many challenges, including threats that keep pace with network growth and complexities, a continual security skills gap, and growing compliance pressures,” said Brandon Shopp, vice president of security product strategy at SolarWinds. “We’ve launched SolarWinds SEM to help mitigate these challenges, further delivering on our promise of making IT, and IT security, look easy.
“While security itself is complex, a SIEM tool does not have to be complicated to be effective,” said Shopp. “SEM delivers comprehensive, centralized threat detection without the requirement of additional resources, while automating security processes for scale.”