SolarWinds has introduced the addition of a threat intelligence feed to SolarWinds® Log & Event Manager, a powerful security information and event management (SIEM) product designed for resource-constrained IT organizations. SolarWinds Log & Event Manager provides out-of-the-box threat intelligence data and automatically tags events to ensure that suspicious activity can be identified by simply running a report or search. By analyzing and comparing activity against a list of known malicious threats compiled by third party security research teams, IT security pros can identify known, proven threats and limit the impact of cyber-attacks.
“In a new security reality where most security IT pros have to assume the worst — a breach has already occurred — it is imperative to have constant visibility into known threats in order to quickly detect security issues and limit the loss associated with a data breach,” said Nikki Jennings, group vice president, product strategy, SolarWinds. “With added threat intelligence, SolarWinds Log & Event Manager now enables IT security pros to take immediate action if a threat is detected and proactively monitor for additional vulnerabilities in their environment.”
SolarWinds Log & Event Manager delivers comprehensive SIEM capabilities in a highly affordable, easy-to-deploy virtual appliance. SolarWinds Log & Event Manager automates and simplifies the complex task of security management, root cause analysis, incident response and continuous compliance, assisting IT security pros in the identification and remediation of threats and vital network issues — before critical systems and data can be exploited.
What will IT security pros solve next with SolarWinds Log & Event Manager?
The latest SolarWinds Log & Event Manager with threat intelligence incorporates data from various threat feeds to quickly identify suspicious activity and pinpoint potential security issues, including:
- Malware infections targeting internal hosts that are communicating with known bad actors
- Phishing attempts where internal hosts click on an unsuspecting email and “phone home” to a malicious command and control server
- External attacks from hosts that might be infected themselves or are already known for nefarious activity
New SolarWinds Log & Event Manager Features
- Compare all traffic monitored by SolarWinds Log & Event Manager against data from a regularly updated threat feed to identify malicious activity
- Out-of-the-box filters and correlation rules that can be customized to alert on specific threats or combinations of threats based on specific IT needs
- Enable immediate action on any threat detected by disabling network connections, killing system processes or removing a domain user from a privileged group
- Automatically update log normalization templates to allow SolarWinds Log & Event Manager to support the most current vendors and devices