The new NitroView ESM Version 8.4 and new Enterprise Log Manager (ELM) tools are fully integrated and provide a single view of all SIEM and log management functions. The tools also work with NitroSecurity's database application monitoring and IPS tools: "We work at Layer 7, so if someone tries to get into the database who shouldn't," the security team is alerted, says Jerry Skurla, executive vice president of marketing for NitroSecurity.
"Being able to quickly view the raw logs in one click from the parsed event is an essential innovation in SIEM/log management," said Anton Chuvakin, author of the popular Security Warrior blog, in a statement. "The tighter the integration between log management and SIEM, the lower the costs will be across a wide variety of security and compliance operations."
Version 8.4 also comes with a geo-location feature that gives security managers a visual rendering of where attacks or traffic are occurring geographically in the network. The feature drills down to cities or other specific locations.
Eric Knapp, vice president of technology marketing for NitroSecurity, says SIEM and log management integration has been slow to emerge because of the heavy volume of logs. NitroSecurity's offering includes in-depth analysis of the relevant logs, he says.
"We've essentially eliminated the need to go back and manually search through logs just to investigate threats that have already been detected by the SIEM. Because we have the performance and scalability to bring these together, security analysts and SOC operations team can be significantly more efficient," Knapp said in a statement.