TECH DIGITAL RESOURCE LIBRARY

Correlog

CorreLog, Inc. delivers security information and event management (SIEM) combined with deep correlation functions. CorreLog's flagship product, the CorreLog Security Correlation Server, combines log management, Syslog, Syslog-NG, SNMP, auto-learning functions, neural network technology, proprietary semantic correlation techniques and highly interoperable ticketing and reporting functions into a unique security solution. CorreLog furnishes an essential viewpoint on the activity of users, devices, and applications to proactively meet regulatory requirements, and provide verifiable information security. CorreLog automatically identifies and responds to network attacks, suspicious behavior and policy violations by collecting, indexing and correlating user activity and event data to pinpoint security threats, allowing organizations to respond quickly to compliance violations, policy breaches, cyber attacks and insider threats. CorreLog provides auditing and forensic capabilities for organizations concerned with meeting SIEM requirements set forth by PCI/DSS, HIPAA, SOX, FISMA, GLBA, NCUA, and others. CorreLog markets its solutions directly and through partners. Visit www.correlog.com

Our Website: http://www.correlog.com


Latest Content From Correlog

Whitepaper: Rounding out Your SIEM Strategy with SNMP

by Correlog, Jan 01, 2012

Every security professional knows that syslog is the main protocol for security. And most Security Information and Event Management (SIEM) systems frame this as the singular way of collecting log data. For today's security professional, the syslog protocol dominates, and is almost always synonymous with logging.

However, SIEM is really more about security information of all types. It is also about event detection and management from multiple data sources, not just syslog files. This white paper points out some new ways to look at SNMP data in the context of identifying potential IT security threats. Specifically, we address which SNMP values are indicative of possible security threats. We also discuss why feeding both SNMP and syslog data to a correlation engine is a best practice for proactive SIEM. By leveraging the native SNMP data that already exists within your enterprise, you can obtain a wealth of new information that applies directly to your security management strategy.


Whitepaper: Integrating the CorreLog Security Correlation Server with McAfee ePolicy Orchestrator (ePO)

by Correlog, Oct 01, 2011

This white paper provides a detailed discussion of objectives and methodologies for integrating CorreLog software with McAfee ePolicy Orchestrator (ePO) software. This document also describes the features and capabilities of the implementation, and is intended as a top-level description of how to add CorreLog's Security Information and Event Management (SIEM) functions to the ePO software system, to create a single unified system.


Whitepaper: Best Practice Log Management: Correlation is Key

by Correlog, Oct 01, 2011

Today, collecting email data is a necessity for compliance standards, forensic analysis and managing end-user performance and availability. But making sense of the data is a challenge in itself. Collecting the data is only part of the equation and research, and many shops are turning towards correlation, which helps bring meaning to the massive amount of data collected. This white paper explains how to establish a systematic approach to identifying relationships (correlating!) between log data that indicate potential problems as they occur.