EventTracker’s new platform to unmask dormant malware
EventTracker, a provider of security information and event management (SIEM), today announced the launch of EventTracker Security Center 8.3, the latest version of its SIEM platform. The new version provides advanced features to combat modern ransomware and polymorphic and mutating malware, expanded threat intelligence integration and various GUI enhancements, all of which result in faster threat detection.
The new platform includes SIEM, intrusion detection, vulnerability scanning, threat intelligence, and honeynet deception technology, and can be implemented either on-premises or in the cloud. The company ensures its clients’ success by overlaying the technology with professional services for remote administration, analysis, compliance support, and tuning for optimal results. These services are provided by security experts at the company’s security operations center (SOC).
Highlights of EventTracker Security Center 8.3:
- Dormant Malware Hunter – It identifies hidden EXE and DLL files that have never executed, while exempting those found on a known safe files list. As a result, copies of malware can be removed from the network, preventing re-infection or propagation.
- Threat Center STIX/TAXII Support – EventTracker’s threat intelligence capabilities are enhanced through the integration of commercial and open source threat feeds and intelligence from STIX/TAXII-compliant providers, as well as from the clients’ own internal honeynets. Threat Center uses the data to reduce false positives while finding and prioritizing potential and actual threats.
- Enhanced MSP User Management – An important focus of this release is empowering IT service providers to protect their customers’ infrastructure with enhanced scalability and user management for managed service providers (MSPs) by handling subscription-related activities for each individual client, such as tracking the monthly usage of services. It also allows easier monitoring of usage by multiple customers and more granular management of user permissions.
- Improved User Interface for EventVault Explorer – The upgraded interface delivers faster data loading, more selection control, and a simpler user experience for MSPs using EventVault Explorer. The Explorer capability makes log searches easier and faster by searching for more specific data and saving search criteria for future reference.
“In today’s world of ever-increasing cyberattacks, it has become crucial for enterprises to be able to assess digital threat incidents quickly and easily for the security of their infrastructures,” said A N Ananth, CEO, EventTracker.“The new features provided by Security Center 8.3 provide unparalleled threat intelligence for an extremely elevated level of assessment, while also greatly improving threat detection and usability for MSPs,” Ananth added. The Security Center platform is also available with co-managed services that allow enterprises to easily assess incidents in the infrastructure with as much or as little outside expertise as needed. It aims to enable organizations to defend their networks from the latest advanced persistent threats while also complying with multiple regulations.