What it does? EventTracker is a Security Information and Event Management (SIEM) solution that automates the secure, real-time collection, storage, correlation, reporting, and analysis of all log data generated by all enterprise sources. It provides coverage from servers to workstations, operating systems to applications, network devices to hosts, and physical assets (including USB devices, racks, server hardware) to hypervisors (VMware and Hyper-V). This enterprise-wide security coverage and unique combination of real-time log management with file integrity and configuration monitoring, host-based intrusion detection, anomaly detection, USB monitoring, and automatic remediation provides a comprehensive solution for protecting assets from hacking attempts, zero-day attacks, malware, and employee abuse; complying with multiple regulations; and optimizing IT operations.
2010 Product Innovations - Network Products Guide
What makes it Innovative? EventTracker is one of the most comprehensive SIEM solutions in the industry that offers the broadest range of features for one turnkey price. It is one of the first solutions to offer seamless security monitoring across both physical and virtual environments (with support for all layers of the virtual infrastructure) for enterprise-wide defense in depth and compliance monitoring. Unlike traditional SIEM solutions, EventTracker gathers configuration data in addition to all log data, allowing users to monitor changes in the file system and registry to detect policy violations, unauthorized changes, and zero-day attacks that typically hide on a system by modifying EXEs or DLLs. EventTracker's USB monitoring module tracks not only inserts/removes of devices but also records all USB activity and instantly disables devices based on predefined policy for a "trust but verify" approach to insider theft management. Another innovation is the integration of automatic remediation that stops attacks in their tracks by executing commands based on pre-defined or user-defined conditions.