On 4 April 2017, SearchInform announced a release of a new version of SearchInform Event Manager upgraded with new features, in particular, Syslog format support. SearchInform SIEM now features new preset rules and capability to create custom rules for data processing. It is available now to configure processing filters by types, statuses, sources, and message text. When creating a rule, you can use regular expressions and their options. This way, you can customize unique settings of the system for every application-oriented task. Among preset categories of events, there are available ready filters for
The new version of SIEM is supplemented with a unique connector that allows working with the time tracking module. The connector has preset rules for detecting activity of employees out of official working hours and also warns about activity of long-absent users. The connector configuration is very simple. The data source is SearchInform DLP agents that track employees' working hours.
"We have told many times that we develop the product without imitating competitors, but focusing on the real needs of our customers. SearchInform Event Manager is a new product, but its functionality already differs from similar systems both in the domestic and foreign markets. The program runs out of the box – it has a wide range of preset rules and does not require extensive setup. We prioritize that the client receives not a complex and overloaded constructor, but preconfigured to maximum, understandable and convenient tool," commented Dmitry Gatsura, head of the development department of SearchInform.
SearchInform Event Manager is a system for collecting, monitoring, and analyzing security events from corporate systems in real time. The program collects information from various sources, analyzes it, detects incidents and notifies security experts about them. The system allows you to get results immediately after installation as it has a wide range of preset rules and does not require a basic revision.