FFIEC News

TriGeo InDepth Melds Real-Time SIEM Correlation and Deep Forensic Log Analysis

(Oct 15, 2007)-- TriGeo Network Security, the proactive network defense company, introduced TriGeo InDepth, the first IT Search appliance designed to blend real-time event correlation, deep forensic analysis and point and click response.

InDepth gives enterprises search functionality and granular forensic analysis for network events -- encompassing users, devices and applications. Powered by Splunk, TriGeo's new IT Search solution aggregates and archives all log data in real time, with proprietary data collection, storage and indexing technology that delivers secure, fast and repeatable searching across terabytes of data.

"The devil is in the details, which is why IT departments and auditors desire the finest level of information available," said Michelle Dickman, TriGeo's president and CEO. "Now, companies can capture and review plain-language alerts of corporate policy violations, and dive deep into the underlying logs -- to understand the complete picture of network threats."

TriGeo InDepth integrates completely with TriGeo SIM to provide a single, seamless console for real-time event analysis and forensic exploration. Completing the circle is TriGeo's unique Point and Click Response capability that empowers IT staff to act immediately on malicious behavior, policy violations or even just network management issues.

Gartner considers this powerful one-two punch -- ease of use and strong analysis -- extremely important. "Security information and event management functional requirements are rapidly changing as the technology is adopted broadly to solve compliance and security gaps," noted Gartner analysts Mark Nicolett and Kelly Kavanagh in Gartner's May 2007 Magic Quadrant for Security Information and Event Management, (SIEM), 1Q07 report. "Ease of deployment and support and the ability to analyze more detail over a longer period have become key."

An add-on appliance designed to complement TriGeo SIM, InDepth provides important context for all network activity. While data is analyzed and events are correlated by TriGeo SIM, they're simultaneously indexed and archived by TriGeo InDepth. The InDepth data can be explored at any time, for any reason, across any period, but when events do occur InDepth surfaces the details needed to take forensic analysis to a whole new level.

TriGeo SIM is both a unique network defense technology and an "Audit-Proven" compliance solution that meets the security monitoring and log management requirements imposed by PCI, GLBA, NCUA, FDIC, HIPAA, SOX and more.

Share or bookmarklet this web page at: