Platform
Cyber Threat Watch Centre powered by Thoughthive Platform
THOUGHTHIVE'S THREATSENTINEL: Powerful Threat Visibility and Complete Log Management for Secure, Compliant Operations
Threatsentinel
Features
- Powerful yet affordable log management and security compliance for all environments
- Lightning-fast setup and configuration; very easy to manage and use
- Automatic correlation and identification of security incidents
- Rapid access to centralized log data for incident response, forensics, and discovery
- Service-oriented architecture and expandable sizing provide maximum scalability and flexibility
- Built-in support for over 1,000 devices and applications, plus an easy device integration tool
- Includes reporting packs for all major regulatory compliance standards
THREATSENTINEL'S INCIDENT MODEL
THREATSENTINEL PROVIDES AN ARSENAL OF THREAT MANAGEMENT AND RISK REDUCTION TOOLS
- Real-time Incident Identification gives users instant visibility into threats in time to secure systems and prevent attacks from negatively impacting the network.
- Automated Correlation Technology intelligently analyses all event messages to identify stealth patterns of attack, filter out false positives, and prioritize critical events.
- Centralized Event Logging Management and Storage lets you rapidly investigate incidents and provides easy access to all incident data, raw logs and correlated records.
- Vulnerability Data Correlation alerts administrators to the threats and incidents that actually have the potential to exploit your systems.
- Zero-day Attack Identification uses powerful behaviour-based analysis to identify new attacks that can bypass signature-based countermeasures.
- In-depth Incident Summaries and Drill-downs let users quickly see who was involved in an incident, what systems were affected, and how an attack occurred.
- Built-in Incident Resolution Workflow features centralized case tracking and automated notification and delivers recommendations for remediation and mitigation.
- Security and Compliance Reports aid in incident investigation and documentation, and include reporting packs for PCI, SOX, HIPAA, GLBA, FISMA and ISO.
- Extensive Device Support ensures integration with over 1,000 devices, systems, and applications.
- Integrated Device Builder Tool lets you quickly and easily add support for other data sources and proprietary systems.
- Lightning-fast setup and configuration.