LOG Storm combines log management and security information management with correlation technology, real-time monitoring and an integrated incident response system. The tool analyzes all event messages to identify patterns of attack, filters out false positives and prioritizes critical events. Incident information is accessible from nearly all screens within the LOG Storm GUI. This product improves the quality of alerts by incorporating vulnerability data into its correlation technology - allowing alert administrators to better determine if the monitored assets are vulnerable to certain threats. Another interesting feature is its behavior-based analytics aiding in the identification of new attacks that follow similar patterns to past attacks, but use different types of connections that attempt to bypass signature-based countermeasures.
展开▼
