Tripwire has moved into the security information and event management (SIEM) space with a new log centre solution.
The log and event management software is the first offering that analyses event and change information. According to the company, this results in intelligent threat control that allows for continuous compliance and non-stop security, without the cost and complexity associated with existing security tools.
It claimed that traditional log management tools simply collect and store logs to meet audit requirements, but do not provide the intelligence needed for real-time security. It said that its log centre combines event and change data without compromising on intelligence, performance and scalability. This means that companies have the security solution they need to respond to threats quickly and maintain continuous compliance without the complexity of traditional log and SIEM tools.
Features include: activity analysis to monitor all events and changes in real-time to ensure that all threatening activities are acted upon; real-time threat monitoring via rich dashboards and custom notifications that provide the real-time visibility and automatic alerting needed to monitor all security threats; and automated event response to suspicious activities before they impact critical systems.
Rob Warmack, senior director of international marketing at Tripwire, claimed that companies would like more configuration and need to look at change and where access attempts come from. He said: "If I am a CEO I am asking questions like am I secure? Am I compliant? Which vendors do I trust?"
He claimed that there are four key areas for SIEM: file integration, compliant policy management, not knowing where events are and visibility of change and events.
"Our strategy is implementing intelligence and automation. Where do we need greater intelligence? This is a major turn for us, we are using the past file management and integrity and people are saying that they need log management and we intend to be the vendor," said Warmack.
Dwayne Melancon, VP log management at Tripwire, said: "We can put change in events together, see if there are holes and the goal is to focus on the risk to business. The luxury of the market is that we architected the way that people do event management. Existing SIEM has tried to get them to work together but it can take a day to put together, we can pull information in and do that in real-time and no one else is doing that.
"We are making the pile go away, we are trying to redefine the expectations of security."
Dan Schoenbaum, chief operating officer of products at Tripwire, said: “Adding Tripwire Log Center to our product portfolio alongside the Tripwire Enterprise product family helps customers take control of their IT infrastructure while adhering to compliance regulations defined by government and industry.”