Security Management Solutions
Security Management Solutions
Overview | Management | Board & Investors | Careers | Contact Us
Overview | NerveCenter | InfoCenter | ThreatCenter | LogCenter | InfoCenter on IBM BladeCenter
Overview | Compliance Solutions | Security Management Solutions | Network Management Solutions
Overview | Professional Services | Education & Training | Customer Support
Overview | Case Studies
Overview | Premier Partners | Strategic Partners | Technology Partners
Press Releases | Articles & News | Tradeshows & Exhibits
Security Event Correlation & Security Threat Management

Security Event Correlation


Event correlation is the key to properly identifying the true threats an organization is facing. The best real-time security event correlation engines have the power and scalability to collect, normalize, consolidate and correlate events from the largest organizations, enriching data with extensible threat taxonomies, knowledge-base links and both user-defined and automated responses to threats.

InfoCenter's security event correlation delivers all of these security event correlation capabilities—and more. More than simply aggregating security events, InfoCenter's intelligent security event correlation identifies intrusions early, accurately and efficiently by taking into account the event's intrinsic risk (i.e. its potential severity), the vulnerability and importance of the asset being targeted, and both recent and long-term activity associated with the data in the attack event. By combining these factors together, as well as other security event correlation algorithms, InfoCenter delivers true threat identification and triage, allowing security analysts to focus on the threat signal in the event noise.

InfoCenter's security event correlation identifies true threats before they become expensive compromises, as well as detecting events that indicate a compromise in process, or activity indicating a compromised system or user. Unlike other security event correlation solutions, however, InfoCenter's security event correlation is based in high-level pattern recognition and statistical algorithms. These security event correlation routines not only detect threats better than rules-based systems, they eliminate the need to write rules for the security event correlation engine on a daily basis—enabling InfoCenter to be managed by standard security administrators, freeing the IDS and security gurus to focus on attack management instead of technology management.

All you need to do with InfoCenter is keep your IDS, anti-virus and firewall rules up to date and its security event correlation code will automatically be able to identify and triage the threats from these systems. And by automatically applying its security business intelligence rules to the security event correlation results, InfoCenter makes security threats (and security operations responses) relevant, visible and meaningful to the lines of business the security event correlation technology is protecting.

 | Privacy Policy  | Copyright  | ©2002-2008 OpenService, Inc. All Rights Reserved