En
En
Products
SearchInform DLP
SearchInform Risk Monitor
SearchInform ProfileCenter
SearchInform FileAuditor
Data protection and classification
Access rights audit
User activity audit, investigation
Compliance
Use case: access control and change management
Use case: user behavior and insider detection
Use case: eDiscovery
Use case: file cleanup
SearchInform SIEM
TimeInformer
Cloud solutions
Third-party integration
Services
Services
SearchInform for MSSP
How to max out SearchInform services
Compliance
Saudi Arabian Monetary Authority
GDPR compliance with SearchInform
Personal Data Protection Bill
Resources
White Papers
Research
How to
Practices and use cases
Videos
Partners
Become a Partner
Partner login
Contact us
Products
SearchInform DLP
SearchInform Risk Monitor
SearchInform ProfileCenter
SearchInform FileAuditor
SearchInform SIEM
TimeInformer
Cloud solutions
Third-party integration
Services
Services
SearchInform for MSSP
How to max out SearchInform services
Compliance
Saudi Arabian Monetary Authority
GDPR compliance with SearchInform
Personal Data Protection Bill
Resources
White Papers
Research
How to
Practices and use cases
Videos
Partners
Become a Partner
Partner login
Contact Us
Book a return call
HomeProduct NewsNew Release of SearchInform Event Manager: Linux Support and Graph of Incidents
BACK TO BLOG LIST
New Release of SearchInform Event Manager: Linux Support and Graph of Incidents
22.11.2017

The latest version of SearchInform Event Manager provides for the complex control of security events on the servers and endpoints under Linux OS. The graph of incidents gives IS and IT experts access to relevant and constantly updated information about properties and state of corporate ecosystem.

The SearchInform Event Manager system for monitoring and analysis of security events is supplied with preset policies that automate audit of suspicious activity in the IT infrastructure. The new version of SIEM is enhanced with preset policies for Linux servers and workstations.

The updated system notifies about logon with the root rights, failures to log in, SSH errors. The system controls creation and assignment of rights to account, detects change of passwords and many other events.

The new rules include filters for security events of Postfix mail servers built in the Unix-based systems. Preset policies will notify about failures to log in, logons from unknown locations, events with unknown user, SSL connection errors, and other suspicious events.

The new version of SIEM features rules for audit of operations with files and directories of vsftpd FTP server: official FTP of Linux kernel. Out of 73 rules added in the latest release of SIEM, 45 rules control Linux systems.

SearchInform Event Manager was enhanced with new data sources and security policies for events of HTTP servers with cross-platform Apache SW, VMware virtualization environments, Oracle servers, Cisco network hardware, and FortiGate complex network security hardware.

“At the early stage of SIEM development, we were focused on the creation of rules for security events of application systems, developed connectors for technical means of protection, authorization and authentication systems. As the system develops, more and more mew data sources are added,” comments SearchInform Development Department Head Dmitry Gatsura. “Russian private companies and especially government agencies transit to Russian OSs based on the open OSs. So, it is logical that after control agent of our SearchInform DLP started working under Linux OS, we extended Syslog, and now our SIEM reads Linux logs.”

Besides, the developers enhanced features of SIEM with a graph of incidents which displays the current state of corporate system. The interactive graph displays servers, users, and PCs of the company with the number of incidents. Selecting a particular user or computer in the graph, an auditor can go to extended rules, incidents on them and description of threats.

BACK TO BLOG LIST
Also read:
SearchInform Risk Monitor Updates: new User Interface and Enhanced Transparent Control Capabilities
Employee monitoring Risk management
15.04 Products News
The SearchInform Risk Monitor’s Capabilities of Web-camera, Monitor and User Activity Control for Linux Operated PCs Were Extended
Employee monitoring Risk management DLP
11.12 Products News
Subscribe to get helpful articles and white papers. We discuss industry trends and give advice on how to deal with data leaks and cyberincidents.
Products and Services
FileAuditor
DLP
Risk Monitor
ProfileCenter
SIEM
MSSP
Cloud Deployment
Company
Contact
About Our Company
Company Portfolio
Our Clients
Press About Us
Press Kit
Resources
White Papers
Third-party integration
Research
Practices and use cases
Videos
News
Company News
Product News
Events
Blog
Challenges
Compliance
Data Loss Prevention
Investigation
Data at Rest Discovery
Data Encryption
Data Visibility
Data Classification and Protection
Data at Rest Discovery
Time Tracking and Employee
Monitoring
Corporate Fraud Mitigation
Roles
C-level executive
Risk manager
Internal audit officer
Compliance manager
Information security analyst
Chief Human Resources Officer
Industries
Business Services
Education
Financial Services
Government
Insurance
Manufacturing
Healthcare
Retail
Energy
Hospitality
Construction
Partners
Become a partner
Partner login
SearchInform products are recognized by
Gartner The Radicati Group
Follow us:
© 2024 SearchInform LTD All rights reserved.
Terms of Use
Licence
Privacy&Cookies