Event Management

With some subtle differences, SIEM (Security Information and Event Management) solutions have four major functions:
  1. Log Consolidation - centralized logging to a server
  2. Threat Correlation - the artificial intelligence used to sort through multiple logs and log entries to identify attackers
  3. Incident Management - the workflow that follows once a threat is identified (the link from identification to containment and eradication).
    1. Notification - email, pagers, notifications to enterprise managers (MOM, HP OpenView™)
    2. Trouble Ticket Creation
    3. Automated responses - execution of scripts (instrumentation)
    4. Response and Remediation logging
  4. Reporting
    1. Operational Efficiency/Effectiveness
    2. Compliance / SOX, HIPAA, FISMA...
    3. Ad Hoc / Forensic Investigations
 

On-Demand Vulnerability Scanning:

Allows for unlimited scanning of Internet IP addresses to enable ongoing compliance with the PCI quarterly vulnerability scanning requirement. Online filing allows for automatic notification to the acquiring bank once compliance is achieved.

PCI Compliance Management Portal:

An online portal designed to facilitate PCI compliance efforts and to assist in managing all work efforts related to achieving PCI compliance. The portal includes PCI-related news articles with expert analysis, a comprehensive PCI knowledge base, downloadable tools and templates, and more.