
EventTracker Security Center Product Sheet

EventTracker Security Center is cybersecurity and compliance software that: 1) Identifies security threats, malware, and suspicious network activity in real-time by ingesting and analyzing millions of log events. 2) Generates alerts when it detects unusual behavior or changes across user and system patterns to improve detection of security incidents. 3) Organizes and presents log data, security reports, and archived records to help meet regulatory retention requirements.

Uploaded by

Manu Pratap

EventTracker Security Center

Award winning cyber security and compliance software


Overview

EventTracker Security Center identifies security threats, malware, unusual behavior and suspicious network traffic and notifies you when you’re under attack. Today’s network defenses are routinely penetrated as the threatscape is constantly evolving to evade detection. Firewalls, anti-virus and IDS/IPS are essential, but are not enough to prevent cyber-attacks. Further, keeping up with security at scale, 24x7, across all assets, is more than a full-time job.

Whether your organization has 25 servers or 2,500, EventTracker Security Center can help by improving log analysis, awareness, detection and incident response across all your servers, workstations, network devices, locations and teams.

Indicators of compromise exist even when attackers are dormant. EventTracker Security Center provides powerful cyber security features to address detection deficits that occur from a lack of resources or a lack of awareness by identifying evidence of attackers in your network.

EventTracker Security Center ingests millions of security and log events and processes them through advanced analytics to detect and notify when changes in patterns across users and systems occur, based on unusual behavior and out-of-ordinary access. EventTracker Security Center monitors for anomalies and suspicious network activities and provides built-in response rules to block or terminate harmful activities. Integrated threat intelligence provides curated data on bad actors, locations and IP addresses across the globe to answer who, when and where.

EventTracker Security Center organizes and presents all your data in the form of dashboards and reports and archives to a compressed electronic vault to meet regulatory retention requirements.

Pricing

EventTracker Security Center is available by annual or perpetual license, with pricing to fit any budget.

Monitor:
• Servers & Workstations
• Firewalls, Routers and Switches
• IDS/IPS
• File & folder access
• Antivirus
• Applications
• Behavior changes of users and systems
• CPU/Disk/Memory Threshold
• Databases
• Network devices, wireless access points
• USB and CD/DVD
• Virtual infrastructure
• …and more

Supported Log File Formats:
• Windows EVT/EVTX
• SYSLOG
• SYSLOG NG & R-SYSLOG
• SNMP V1/V2/V3
• IIS/IIS W3C/IIS MSID
• XML
• FLAT FILES / TEXT
• …and more

EventTracker | 8815 Centre Park Drive, Columbia MD 21045


www.eventtracker.com

Features

Real-time Alerting & Incident Response

EventTracker generates real-time notifications via email or text when important events occur.

Authorized users may access the intuitive Incidents dashboards to review and manage prioritized alerts. Quickly drill-down, filter, sort, annotate, acknowledge and forward Incidents.

The built-in investigative framework and workflow is modeled on the SANS recommendations for managing security incident response. Administrators and analysts can flag and share concerning incidents, note investigative progress, attach artifacts and findings to efficiently collaborate with other team members. LogBook management reporting helps to keep others in the loop.

Reporting

EventTracker provides a comprehensive reports module that is pre-configured with hundreds of security, compliance and operations reports to get you up and running quickly. Scheduling, wizards provide custom definitions, filtering, grouping and delivery options.

Create custom reports on your own using the powerful FLEX Reports wizard.

Reports may be published to the EventTracker compliance review dashboard for flagging and annotation so you’re always ready for an audit.

Compliance mappings for PCI-DSS, HIPAA, ISO, GLBA, FFIEC, NCUA, FISMA, GPG 13 and more are included.

Search & Forensic Analysis

EventTracker provides comprehensive and flexible search options for occasional and power users. Search using keywords, free text, wildcard, EventTracker Categories and advanced “Smart Token” searches.

Drill down, filter, sort, pivot, re-arrange columns, save favorites and quickly export results or convert to EventTracker dashlets for business intelligence. Thousands of pre-configured queries and filters are available out of the box.

Need more Search and Forensics power? For the advanced user, the external data-mart provides indexing, advanced search performance and SQL query capabilities through EventTracker Explorer.

Endpoint Threat Detection & Response

EventTracker Windows endpoint sensors detect suspicious network activity including connections to poor reputation sites and IP addresses; unknown process/malware analysis integrated with dozens of threat exchanges, NIST/NSRL, commercial external and local safe lists.

Auto-response options can be enabled to shut down systems or terminate suspect connections and unauthorized software launches. Monitor and block unauthorized USB inserts and file copy activities.

Behavior Analysis & Correlation

Behavior Analysis enables you to quickly detect and address changes in systems and user behaviors. Configurable rules definitions and thresholds coupled with automatic baseline learning provide real-time alerting on activity anomalies.

Real-time processing of Advanced Correlation rules alerts for sophisticated intrusions & insider threats.

Use the extensive rules library or create your own through the intuitive wizard interface.

EventTracker Security Center Options

Modules include Change Audit – File Integrity Monitoring (FIM), Configuration Assessment/SCAP, FIPS 140-2 compliant data transmission, multiple collection points and collection masters.

SIEM Simplified: Co-managed Services for Success

If you need on-going assistance with EventTracker Security Center configuration, customization or security analytics then our co-managed SIEM services are the affordable way to get the most out of your software. Our experts will remotely access your EventTracker system to provide disciplined oversight and critical observation summary reports. If you don’t have the staff or the time to keep up with all of it let us show you how we can help do the heavy lifting.

Optional SIEM Simplified services include RUN, WATCH, COMPLY TUNE, Vulnerability Scanning, and managed Community SNORT IDS.

About EventTracker

EventTracker delivers business critical solutions that transform high-volume cryptic log data into actionable, prioritized intelligence that will fundamentally change your perception of the utility, value and organizational potential inherent in log files. Our leading solutions offer Security Information and Event Management (SIEM), real-time Log Management, and powerful Change and Configuration Management to optimize IT operations, detect and deter costly security breaches, and comply with multiple regulatory mandates.
