The new version features three advancements: an incident case API supporting the Incident Object Description Exchange Format (IODEF) standard, a correlation engine enhancement and new log collection policies.
The IODEF is the new commonly accepted standard for incident description that allows computer emergency response teams to manage and share all incidents in a common format, from security event management systems to helpdesk systems.
The correlation engine enhancement allows users to instantly see when accounts are being hijacked or shared, while other security event management products require several disparate rules. Having a single correlation rule to detect common threats greatly simplifies product administration and reduces the chance of human error.
The new version also introduces pre-built, high-level collection policies and filtering rules that let companies decide whether to collect all, none or only particular raw logs. It can also determine an organisation's level of risk and select from one of several pre-built recommended collection and filtering policies. The default settings are pre-configured for regulatory compliance with all major standards, including PCI DSS, SOX and HIPAA.
The company claimed that the product is designed to streamline the analysis of log data throughout the enterprise and provide deep insights into data, simplifying security event management processes, improving security and reducing time to resolution.
Dominique Levin, EVP of marketing and strategy at LogLogic, said: “LogLogic is committed to providing our customers with easy-to-use and easy-to-integrate solutions that meet and exceed their security and compliance goals. We have upgraded Security Event Manager v3.3 to support the latest open industry standards, as well as to enhance the management controls and usability of the product.”