Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

11/18/2011
04:42 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

NitroSecurity Introduces Advanced Correlation Engine Appliance

NitroView ACE delivers both real-time and historical correlation capabilities

PORTSMOUTH, N.H. – November 17, 2011 – NitroSecurity, Inc., the leader in high-performance, content-aware security information and event management (SIEM) solutions today announced its new NitroView Advanced Correlation Engine (ACE) appliance. Available immediately as part of NitroView version 9.0, NitroView ACE delivers both real-time and historical correlation capabilities and empowers enterprises and government organizations to correlate large volumes of disparate data to detect and remediate zero-day threats, more efficiently predict and prevent future attacks, and scale and streamline security operations.

Powered by NitroSecurity’s unique NitroRSC™ risk score technology, NitroView ACE offers two dedicated, high-performance analysis engines – “rule-less” risk score correlation and traditional rule-based event correlation – and provides a dedicated processing resource to correlate even larger volumes of data, delivering the rich analysis, rapid reporting and actionable intelligence required by security operations centers (SOCs) in today’s global enterprises. This capability transforms SIEM into the foundation of real-time security intelligence.

Prioritize Defense – Tracks all activity related to an organization’s most important assets, applications or users, and builds a dynamic score that raises or lowers based upon real-time activity. When a score exceeds a specified threshold, an event is generated within NitroView’s single pane of glass UI for immediate analysis.

Identify and Assess Threats in Real-time – Correlates all logs and events, along with contextual information such as identity, roles, vulnerabilities and integrated asset scores to detect patterns indicative of larger threats – including zero-days.

Understand Historical Asset and Threat Activity – In addition to predicting potential future targets and offering real-time assessment of live activity, NitroView ACE keeps a complete audit trail of priority scores and events. All activity can be “replayed” through either or both correlation engines for recursive threat detection. This allows an organization to forensically gauge the impact of previously undetected zero-day threats.

“Big Data is on the list of every analyst and industry watcher for 2012 – and the bigger the data set, the more places attackers can hide,” said Ken Levine, CEO of NitroSecurity. “Our unmatched technology has the horsepower and flexibility to help detect the most subtle insider threat or stealthy outsider attack. NitroView ACE and version 9.0 vastly enhance the granularity to which customers can predict and analyze threats while preserving, and even extending, the performance that has become our hallmark.”

The release of NitroView version 9.0 also includes hundreds of workflow and operational improvements including:

Role-based Watchlists – Every SIEM user has their individual priorities, concerns and scope of responsibility. NitroView’s new role-based watchlists let each user highlight the items that are most important to them, so they stand out from the background of event noise. Alarm Management – Watchlists are a key element of NitroView’s new Alarm Management system, which can trigger any number of customizable alarms based on almost any condition. Notably, alarms can also trigger a variety of actions – from basic notifications to audible alarms, and from dynamic blacklisting to the execution of third-party scripts. Integrated Asset Management – Users can better understand which assets are sensitive, classified or critical; whether they are vulnerable or exploitable; and the policies associated with those assets. NitroView’s integrated asset manager enhances security while maintaining a relevant and human-readable audit trail.

About NitroSecurity

NitroSecurity develops high-performance security information and event management (SIEM) solutions that protect critical information and infrastructure. NitroSecurity solutions reduce risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. Utilizing the industry’s fastest analytical tools, NitroSecurity identifies, correlates and remediates threats in minutes instead of hours, allowing organizations to quickly mitigate risks to their information and infrastructure. NitroSecurity serves more than 600 organizations in the energy, healthcare, education, financial services, government, retail, hospitality and managed services industries. For more information, please visit http://www.nitrosecurity.com.

McAfee recently announced its intent to acquire NitroSecurity.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).