Detecting threats in Windows

Dealing with threats can be overwhelming: new threats keep appearing, while old ones are hard to eliminate completely. Regardless of how sophisticated threats are, or how many an organization faces, the ability to identify them is key to securing any organization. However, analyzing every identified threat is neither feasible nor affordable. What makes threat analysis hard is the lack of context needed to distinguish an actual threat from a false positive.

EventLog Analyzer's threat detection system was designed for security administrators to help them work around all these practical difficulties. EventLog Analyzer consolidates information from security tools—such as vulnerability scanners, endpoint security protection tools, and perimeter security devices—and outputs comprehensible data that can be used to decide which threats should be flagged.

Vulnerability scanners

EventLog Analyzer supports multiple vulnerability scanners, including Nessus, Qualys, OpenVAS, and Nmap. With intuitive vulnerability reports, evaluating security flaws associated with ports, devices, groups, services, and protocols is easy. These reports help EventLog Analyzer identify the attack type and decide whether it is important or just a false alarm.

Threat intelligence applications

EventLog Analyzer analyzes log data from threat intelligence applications to identify critical security events such as malware attacks, source and target IPs, port scans, viruses, and active sensors. This process helps when assessing the flow of external security attacks. This information is part of the puzzle of narrowing down possible network attacks. EventLog Analyzer provides out-of-the-box support for FireEye and Symantec Endpoint Protection solutions.

Data Loss Prevention (DLP) application

EventLog Analyzer examines Symantec DLP application log data to provide detailed information on top senders, recipients, protocols used, target data, and data owners. It correlates information on confidential data access with insights from vulnerability scanners and threat intelligence applications to detect potential threats.

Threat intelligence platform

EventLog Analyzer mitigates attacks by detecting a wide range of malicious IPs. It does this by integrating with the top ten open-source feeds, covering over 600 million globally blacklisted IPs. As soon as a suspicious IP interacts with the network, EventLog Analyzer sends out notifications in real time via email or SMS. This way, EventLog Analyzer's threat intelligence platform acts proactively and ensures quick and efficient threat mitigation.

Customer Speaks
  • Credit Union of Denver has been using EventLog Analyzer for more than four years for our internal user activity monitoring. EventLog Analyzer provides great value as a network forensic tool and for regulatory due diligence. This product can rapidly be scaled to meet our dynamic business needs.
     
    Benjamin Shumaker
    Vice President of IT / ISO
    Credit Union of Denver
  • The best thing I like about the application is the well-structured GUI and the automated reports. This is a great help for network engineers to monitor all the devices in a single dashboard. The canned reports are a clever piece of work.
     
    Joseph Graziano, MCSE CCA VCP
    Senior Network Engineer
    Citadel
  • EventLog Analyzer has been a good event log reporting and alerting solution for our information technology needs. It minimizes the amount of time we spend filtering through event logs and provides almost near real-time notification of administratively defined alerts.
     
    Joseph E. Veretto
    Operations Review Specialist
    Office of Information System
    Florida Department of Transportation
  • I love the alerts feature of the product. We are able to send immediate alerts based on pretty much anything we can think of. We send alerts when certain accounts login, or when groups are changed, etc. That has been very helpful. Also the automatic archive of the log files has been very helpful and has taken the worry out of keeping old logs. The “Ask Me” function is very nice as well. It is great to have some natural language queries built in where you can just click a button and get an answer.
     
    Jim Earnshaw
    Senior Computer Specialist
    Department of Chemistry
    University of Washington
  • Windows Event logs and device Syslogs are a real-time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional, and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application.
     
    Jim Lloyd
    Information Systems Manager
    First Mountain Bank
