Tenable Network Security Reveals Next Generation SIEM

Log Correlation Engine Version 4 introduces several new enhancements that speed results, optimize workflow, and improve system reliability

Dark Reading Staff, Dark Reading

June 12, 2012


Columbia, MD (June 12, 2012) - Tenable Network Security, Inc., the leader in Unified Security Monitoring (USM), today announced Log Correlation Engine (LCE) Version 4 will be generally available on June 26, 2012. A critical component of Tenable's USM platform, Tenable's LCE provides advanced and unique SIEM functionality. By combining normalized log data from devices throughout enterprise networks with vulnerability intelligence, it detects botnets and other malicious communications that other solutions miss. The LCE helps organizations move from periodic assessment to continuous and instant identification and response to security and compliance threats.

"It's critical for enterprises to have complete visibility into the threat environment. Tools that can correlate logs and event records, can efficiently prioritize incidents, can separate real security violations from false alarms, and can aggregate security events from different locations and devices, are becoming critical components for security risk management," said Charles Kolodgy, Research VP for security products at IDC. "The synthesis of security and vulnerability management, as occurs in Tenable's USM platform, can facilitate adherence to risk management baselines because it provides policy and compliance context, and puts threat and vulnerability information into proper context, thus offering a comprehensive view of the enterprise's risk posture."

LCE Version 4 introduces several new enhancements that speed results, optimize workflow, and improve system reliability, including:

. Event Processing Speeds in Excess of 30,000 events per second give network, security, and compliance teams near-instant visibility, pinpointing threats and misconfigurations.

. 'Smart' Load Balancing goes beyond simple "round robin" server switching capabilities by automatically targeting new or underutilized servers when workloads increase. Users can dynamically add new instances of LCE that will aggressively accept workloads until it has caught up with its peers.

. Enhanced Event Full-text Search allows LCE users to identify specific events and network based activity by rapidly sifting through mountains of log data.

"We're achieving our compliance goals, protecting our customers' information, and turning our existing log data into valuable network intelligence that affords us the opportunity to identify threats, problems, and patterns in real time," said Phil Lambert, Director Information Security, Starwood Vacation Ownership and user of Tenable's Log Correlation Engine solution.

These updates, along with additional functionality enhancements embedded in LCE Version 4, make it easier than ever for organizations to integrate log and event management data with vulnerability management initiatives. This integration delivers two key business benefits:

. Cost Savings: Integration between log correlation and vulnerability management improves operational efficiency and reduces costs by eliminating the need for a standalone log management solution that requires additional staffing and financial resources.

. Rock-Solid Security: The integration of log correlation data with vulnerability intelligence results in streamlined compliance, faster and more reliable attack mitigation and detection, and deeper intelligence and reporting on existing and emerging risks.

"We're working with some of the industry's largest and most complex networks - actively monitoring tens-of-thousands of IPs for anomalous and malicious activity while red flagging true threats as they emerge," said Ron Gula, CEO and CTO of Tenable Network Security. "Our Log Correlation Engine can literally pick a needle out of a haystack of log data in a matter of seconds - which makes a paramount difference when you're tasked with safeguarding a massive network."

Tenable Network Security is trusted by tens-of-thousands of security professionals worldwide and its SecurityCenter™ and Nessus® solutions are seen as the industry standard by IT security, compliance, and risk managers. The company's technology is the cornerstone for network security in many of the world's largest healthcare, financial, retail, and educational organizations and is currently being deployed across the entire Department of Defense and select federal intelligence agencies. Tenable's USM platform incorporates the world's most accurate vulnerability sensors - the award-winning Nessus vulnerability scanner and the Passive Vulnerability Scanner - with the industry's largest database of vulnerabilities, threats, and compliance data, delivering real-time network vulnerability intelligence and threat correlation.
