NitroSecurity Unveils Advanced Correlation Engine

NitroView ACE delivers both real-time and historical correlation capabilities

November 22, 2011

3 Min Read

PRESS RELEASE

PORTSMOUTH, N.H. – November 17, 2011 – NitroSecurity, Inc., the leader in high-performance, content-aware security information and event management (SIEM) solutions today announced its new NitroView Advanced Correlation Engine (ACE) appliance. Available immediately as part of NitroView version 9.0, NitroView ACE delivers both real-time and historical correlation capabilities and empowers enterprises and government organizations to correlate large volumes of disparate data to detect and remediate zero-day threats, more efficiently predict and prevent future attacks, and scale and streamline security operations.

Powered by NitroSecurity’s unique NitroRSC™ risk score technology, NitroView ACE offers two dedicated, high-performance analysis engines – “rule-less” risk score correlation and traditional rule-based event correlation – and provides a dedicated processing resource to correlate even larger volumes of data, delivering the rich analysis, rapid reporting and actionable intelligence required by security operations centers (SOCs) in today’s global enterprises. This capability transforms SIEM into the foundation of real-time security intelligence.

Prioritize Defense – Tracks all activity related to an organization’s most important assets, applications or users, and builds a dynamic score that raises or lowers based upon real-time activity. When a score exceeds a specified threshold, an event is generated within NitroView’s single pane of glass UI for immediate analysis.

Identify and Assess Threats in Real-time – Correlates all logs and events, along with contextual information such as identity, roles, vulnerabilities and integrated asset scores to detect patterns indicative of larger threats – including zero-days.

Understand Historical Asset and Threat Activity – In addition to predicting potential future targets and offering real-time assessment of live activity, NitroView ACE keeps a complete audit trail of priority scores and events. All activity can be “replayed” through either or both correlation engines for recursive threat detection. This allows an organization to forensically gauge the impact of previously undetected zero-day threats.

“Big Data is on the list of every analyst and industry watcher for 2012 – and the bigger the data set, the more places attackers can hide,” said Ken Levine, CEO of NitroSecurity. “Our unmatched technology has the horsepower and flexibility to help detect the most subtle insider threat or stealthy outsider attack. NitroView ACE and version 9.0 vastly enhance the granularity to which customers can predict and analyze threats while preserving, and even extending, the performance that has become our hallmark.”

The release of NitroView version 9.0 also includes hundreds of workflow and operational improvements including:

Role-based Watchlists – Every SIEM user has their individual priorities, concerns and scope of responsibility. NitroView’s new role-based watchlists let each user highlight the items that are most important to them, so they stand out from the background of event noise. Alarm Management – Watchlists are a key element of NitroView’s new Alarm Management system, which can trigger any number of customizable alarms based on almost any condition. Notably, alarms can also trigger a variety of actions – from basic notifications to audible alarms, and from dynamic blacklisting to the execution of third-party scripts. Integrated Asset Management – Users can better understand which assets are sensitive, classified or critical; whether they are vulnerable or exploitable; and the policies associated with those assets. NitroView’s integrated asset manager enhances security while maintaining a relevant and human-readable audit trail.

About NitroSecurity

NitroSecurity develops high-performance security information and event management (SIEM) solutions that protect critical information and infrastructure. NitroSecurity solutions reduce risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. Utilizing the industry’s fastest analytical tools, NitroSecurity identifies, correlates and remediates threats in minutes instead of hours, allowing organizations to quickly mitigate risks to their information and infrastructure. NitroSecurity serves more than 600 organizations in the energy, healthcare, education, financial services, government, retail, hospitality and managed services industries. For more information, please visit http://www.nitrosecurity.com.

McAfee recently announced its intent to acquire NitroSecurity.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights