Log management, in terms of compliance, is primarily focused on the secure collection, encryption, and storage of raw log files—for use in compliance audits and as evidence, if needed. However, outside of compliance, logs must also be analyzed for security purposes. The result has been a dual-solution approach: implement a Log Management system such as NitroView ELM for compliance, and a Security Information Management system such as NitroView ESM for analysis, correlation, incident detection, mitigation and remediation.
Wouldn't it be easier if Log Management & SIEM were combined?
Logs need to be managed, stored, and protected ... but they also need to be analyzed. That's why many log management companies are starting to provide basic SIEM functionality, and why many SIEM companies are selling add-on log management solutions. NitroSecurity believes in the complete integration of Log Management and SIEM.
The first steps are here today: leveraging the ad-hoc reporting capabilities of NitroView ESM to provide robust analysis of most logs, and NitroView ELM's universal log management capabilities to examine the rest. If LogCaster sees anything out of the ordinary, it will send a compatible event to the ESM, so that it can be correlated with other security events and log data, and even network flows.
What's next for SIEM & Log Management? Leveraging the full power of our high-performance data management architecture, NitroSecurity has developed NitroView ELM, a true, enterprise-class system integrating the features of Log Management, Log Analysis & SIEM — including a common management and analysis interface, universal log collection, analysis & storage, full log search capability, and the ability to instantly locate the signed & encrypted raw log file associated with any given event, all from a single interface.
Want to know more about NitroView ELM? Register today and receive notifications of product availability, beta programs, and more.