ForensicVue extends the existing forensic capabilities of eIQnetworks' unified situational awareness platform, SecureVue, enabling analysts to quickly search large amounts of security data in all formats, including log events, vulnerabilities, configurations, performance, availability, net flow, file integrity, USB monitoring and system compliance data and correlate it via a single console. ForensicVue can also be used on data aggregated from 3rd party applications such as ePO, SEP and SIEM.
"The longer it takes to identify the cause of a breach, the greater the risk posed to Enterprise information assets," explains Vijay Basani, president and CEO, eIQnetworks. "Timely investigative analysis is absolutely critical in the fight against cyber warfare, and no other tool enables analysts to identify the root cause and plug the holes faster than ForensicVue."
ForensicVue helps ensure an organization's IT assets are protected against fast evolving security breaches and policy violations by enabling Enterprise security analysts to search across tens of thousands of nodes, over a sustained period of time and across all security and compliance data to enable proactive protection of Enterprise information assets. This approach eliminates the decision-making-by-committee approach that is a significant factor in the timely detection and remediation of breaches at large and distributed organizations.
Other key features in ForensicVue include:
>> Capturing and storing common queries in a comprehensive library so that historic data can be applied to any data set in the past, present or future
>> The ability to run multiple investigations across every data type, including log events, asset and configuration, vulnerability, net flow, integrity, removable media, vulnerabilities, system compliance and 3rd party application data
>> Support for hundreds of operating systems, network and security devices, enterprise and custom applications, databases and 3rd party products including McAfee EPO, Symantec SEP, CMDBs, SIEM and log management products and others
“No one else is providing the capabilities we see in ForensicVue,” commented Michael Cruise, managing solution director for Remote Services at CompuCom. “It is changing the way we approach network forensic analysis because it is the first tool on the market that provides the ability to search and correlate multiple data types from every source via a single console. For us, it’s like Google real-time search for all security data. Because we are able to search and correlate data in a time sequential way, ForensicVue helps us fix potential issues before they pose a threat to our network.”
eIQ’s ForensicVue is now shipping with SecureVue.
eIQnetworks delivers unified situational awareness solutions for the largest enterprises around the world, including government, financial, telecommunications, retail and healthcare. The company’s flagship solution, SecureVue, is the only platform to provide a more accurate, in-depth view of an organization’s security position via a single console through comprehensive, real-time security monitoring, compliance automation, configuration auditing and forensic analysis. Vital to the protection of an organization’s infrastructure, the company’s solutions proactively protect against cyber attacks, detect breaches and policy violations and respond to incidents and security controls. eIQnetworks is a privately held company headquartered in Acton, Mass. For more information, visit: http://www.eiqnetworks.com.