Tenable Network Security announced the availability of Log Correlation Engine (LCE) version 4. By combining normalized log data from devices throughout enterprise networks with vulnerability intelligence, it detects botnets and other malicious communications.
“It’s critical for enterprises to have complete visibility into the threat environment. Tools that can correlate logs and event records, can efficiently prioritise incidents, can separate real security violations from false alarms, and can aggregate security events from different locations and devices, are becoming critical components for security risk management,” said Charles Kolodgy, Research VP for security products at IDC.
“The synthesis of security and vulnerability management, as occurs in Tenable’s USM platform, can facilitate adherence to risk management baselines because it provides policy and compliance context, and puts threat and vulnerability information into proper context, thus offering a comprehensive view of the enterprise’s risk posture,” Kolodgy added.
LCE 4 introduces several new enhancements that speed results, optimize workflow, and improve system reliability including:
- Event processing speeds in excess of 30,000 events per second give network, security, and compliance teams near-instant visibility, pinpointing threats and misconfigurations.
- “Smart’ load balancing goes beyond simple “round robin” server switching capabilities by automatically targeting new or underutilized servers when workloads increase. Users can dynamically add new instances of LCE that will aggressively accept workloads until it has caught up with its peers.
- Enhanced event full-text search allows LCE users to identify specific events and network based activity by rapidly sifting through mountains of log data.
“We’re working with some of the industry’s largest and most complex networks – actively monitoring tens-of-thousands of IPs for anomalous and malicious activity while red flagging true threats as they emerge,” said Ron Gula, CEO and CTO of Tenable Network Security. “Our Log Correlation Engine can literally pick a needle out of a haystack of log data in a matter of seconds – which makes a paramount difference when you’re tasked with safeguarding a massive network.”