SolarWinds has introduced the addition of a threat intelligence feed to SolarWinds Log & Event Manager, a security information and event management (SIEM) product designed for resource-constrained IT organizations.
SolarWinds Log & Event Manager provides out-of-the-box threat intelligence data and automatically tags events to ensure that suspicious activity can be identified by simply running a report or search. By analyzing and comparing activity against a list of known malicious threats compiled by third party security research teams, IT security pros can identify known, proven threats and limit the impact of cyber-attacks.
“In a new security reality where most security IT pros have to assume the worst—a breach has already occurred – it is imperative to have constant visibility into known threats in order to quickly detect security issues and limit the loss associated with a data breach,” said Nikki Jennings, group vice president, product strategy, SolarWinds. “With added threat intelligence, SolarWinds Log & Event Manager now enables IT security pros to take immediate action if a threat is detected and proactively monitor for additional vulnerabilities in their environment.”
SolarWinds Log & Event Manager delivers comprehensive SIEM capabilities in a highly affordable, easy-to-deploy virtual appliance. SolarWinds Log & Event Manager automates and simplifies the complex task of security management, root cause analysis, incident response and continuous compliance, assisting IT security pros in the identification and remediation of threats and vital network issues—before critical systems and data can be exploited.
SolarWinds Log & Event Manager with threat intelligence incorporates data from various threat feeds to quickly identify suspicious activity and pinpoint potential security issues, including malware infections, phishing attempts, and external attacks.
With the added threat intelligence, traffic will be monitored by SolarWinds Log & Event Manager against data from a regularly updated threat feed to identify malicious activity.
The software now also features out-of-the-box filters and correlation rules that can be customized to alert on specific threats or combinations of threats based on specific IT needs.
Another new capability enables immediate action on any threat detected by disabling network connections, killing system processes or removing a domain user from a privileged group.
The new intelligence feeds also automatically updates log normalization templates to allow SolarWinds Log & Event Manager to support the most current vendors and devices
SolarWinds Log & Event Manager pricing starts at U$4,495 and includes the first year of maintenance.