New Security Information Management Software Links Real-Time Threats and Business Vulnerabilities to Unite Prioritized Incident Responses with Proactive Risk Reduction.
OpenService (Open) today announced the availability of Security Threat Manager (STM) version 3.0. The new software enhances the ability of security managers to identify high-risk threats well before they compromise business operations as well as enabling them to map, prioritize and pinpoint vulnerability management activities to the business services most at risk. Combining both intelligence with enterprise-scale performance, the new software successfully addresses the growing security challenges of increased worm, virus and hacker activity; limited resources; and increasing regulatory compliance.
“Interest in SIM software is increasing as networking and security teams try to manage vast amounts of alerts from the multitude of solutions deployed, and beat the 2005 deadlines imposed by Sarbanes-Oxley and HIPAA,” said Dan Keldsen, Senior Analyst and Chief Technology Officer, Delphi Group. “Organizations need to analyze and categorize the threats they face in terms of the risk to their business and operations, not just theoretical risk as viewed by many other security layers. The value of using SIM software to integrate these disparate data sets is to guide organizations toward the most critical threats in their planning and response; and layer intelligence on top of otherwise disconnected layers of security solutions.”
Managers inundated with data generated by multiple layers of security solutions and services can now take a more sophisticated, prioritized and business-centric approach to threat identification and remediation. The new software gives enterprises and government organizations sophisticated risk-based correlation and assessment capabilities to make security data more actionable, alerts more timely, and responses more relevant; essential to minimizing enterprise risk and meeting the mandates created by legislation such as Sarbanes-Oxley and HIPAA. New features that address these needs include:
— Security Business Intelligence: STM 3.0 links security threats to lines of business in real-time, making the risk clear to operations and enabling better informed responses. The software provides easy to understand visualizations of lines of business at risk, managed with easy rules to map and drill down to hosts in any area, function or region. The risk-based correlation weights and prioritizes events based on asset value, target vulnerability, attack severity, sensor location and other tunable parameters. This approach, also available in STM’s ad-hoc risk reports and analyses, enables security managers to easily see how vulnerabilities and risk vary across the enterprise, and to target responses accurately.
— Consistent Guided Threat Responses: Addressing the off-hours security coverage challenge, STM 3.0 now ensures consistent threat- and event-driven operator-initiated responses. Using STM, second- and third-line security or network operations center staff can initiate custom, pre-defined actions to security threats, well before the virus, worm or attacker can cause any damage – without the expense and inconvenience of contacting on-call security experts after-hours. Adding these consistent, guided, operator-initiated threat responses to STM’s existing automated threat response functions addresses the people and process components of successful IT security management. STM 3.0 also adds full configuration management and versioning to critical application management settings.
— Platform and Architectural Enhancements: STM 3.0 complements its existing stateful risk analysis and other pre-defined correlation algorithms with a completely new custom correlation rules editor, extending its built-in low-maintenance risk-based event correlation. STM 3.0 adds complete Red Hat Linux support (to Windows and Solaris), and provides seamless integration with its optimized full log forensics database to consolidate, aggregate and analyze years of firewall, server and IDS log data. With version 3.0, Open has also enhanced its automated update service, which keeps the product’s signature, exploit and vulnerability database current.
“STM 3.0 is the first SIM to become a platform to guide both proactive and reactive IT security risk management and incident response processes,” said Phil Hollows, Vice President Product Marketing, OpenService, Inc. “Its ability to easily map enterprise risk and real-time threats to business operations – and to provide operators with the structure they need to respond appropriately – enables our customers to easily prove compliance with Sarbanes-Oxley and HIPAA security mandates, while saving time not chasing false alarms that have been eliminated by its industry-defining stateful risk-analysis correlation algorithms.”
Pricing and Availability
Security Threat Manager version 3.0 is generally available today. Pricing is primarily driven by the volume of log events being managed.
