EventTracker, a Netsurion company and a leader in security information and event management (SIEM), announced the major release of its award-winning SIEM that enables faster threat hunting and simplified compliance auditing. A mainstay in the cybersecurity space, EventTracker has been recognized by Gartner, Inc. in its Magic Quadrant for Security Information and Event Management for 10 consecutive years.
The new platform, EventTracker 9, improves productivity instantly with a modern interface that is intuitive and customizable; enhances common workflows with more efficient storage and search technology; and expands its capability to scale to the very large and diverse data sets needed for today’s enterprise IT infrastructures.
“The volume, variety, and velocity of security data generated by devices in corporate networks continue to grow exponentially,” said EventTracker CEO A. N. Ananth. “We have adapted the underlying architecture in EventTracker 9 to bring scale and speed to our users. This version also paves the way to ubiquitous SIEM and security monitoring capabilities both on premise and in the cloud, as the perimeter becomes blurred.”
EventTracker targets enterprise customers who are interested in the benefits of a SIEM platform but were put off by the complexity, as well as those who may have tried to use a SIEM solution and were disappointed with the results. The enhanced SIEM platform is also available with co-managed services and a 24/7 SOC-as-a-Service from the EventTracker team called SIEMphonic, which allows enterprises to easily attain the security advantages of using a SIEM, backed up with as much or as little outside expertise as needed.
EventTracker 9 is also aimed at the managed service providers (MSPs and MSSPs) market for organizations that want to provide SIEM-as-a-Service. Its scale, higher degree of automation, configurability, and multi-tenant architecture make it ideal for MSPs serving larger accounts.
The most visible advance in EventTracker 9 is a completely re-imagined, modern user interface. Drawing from user inputs, including its own SIEMphonic team of security analysts and threat hunters, the latest version boasts many new capabilities that make it simpler and faster to make sense of all of the data, extract the value and find answers, such as:
- Re-designed dashboard with customizable tiles—Usage analysis determined that people repeatedly ask the same things of the system; now users can configure their own dashboard tiles to answer their frequently asked questions at a glance
- Intuitive, faster, and modern—Sleek, contemporary appearance and usability features make using the product easier and faster
- Use anywhere—From large Control Center displays or on-the-go with an optimized, responsive design
- Automated workflows—Enhanced customization and flexibility improve user productivity
- Single pane of glass for SOC—Tighter integration of endpoint protection features, intrusion detection, vulnerability scanning, threat intelligence, dormant malware hunter and honeynet deception technology
The new UI will make experienced security analysts more efficient and help organizations and MSPs address the endemic skill shortage for security analysts by making senior—and junior—team members more productive.
Other updated enhancements in EventTracker 9 include:
- Massive scalability using Elasticsearch—Proven, open-source search technology delivers big data capacity, so enterprises can capture all the data required for automated analysis and rapid investigations
- Faster, more flexible search—Superfast Lucene technology provides full-text indexing and searching capability for unstructured data to enable threat hunters to rapidly follow up threat investigations and hunches at scale
- Common taxonomy to standardize disparate information sources—EventTracker’s Common Information Model (CIM) normalizes and maps all logs/events to a common schema to make searching faster and more efficient across many diverse sources such as VPNs, Active Directory, firewalls, and many more
- Cost-effective scalability—Commoditized, cloud-based, and unstructured, EventTracker with Elasticsearch lowers the total cost of ownership for creating and maintaining the massive data lakes required for cybersecurity by reducing storage, database, and hardware costs
“In today’s world of ever-expanding IT infrastructures and cyberattacks, scalability and better tools for threat hunters and auditors are essential for enterprises,” said Ananth. “Our latest version meets these requirements today, helps make these scarce and expensive specialists more productive and effective, and positions us strongly for future growth.”