New SIEMLink Application Permits Instant Integration between Existing Security Infrastructure and the Powerful Analytics of NetWitness NextGen
HERNDON, VA – April 22, 2008 – NetWitness Corporation, the leading provider of next generation network security monitoring and active threat intelligence software, today announced the release of NetWitness SIEMLink™. A breakthrough in network security monitoring innovation, SIEMLink™ enables instant integration of NetWitness NextGen technology with existing enterprise security infrastructures. SIEMLink provides the data that incident response and cyber threat analysis teams need to fuse security event telemetry with the detailed session analysis provided by NetWitness NextGen.
SIEMLink™ is a light-weight application designed to act as a transparent, real-time translator of critical security event data between Web-based consoles, such as security event and information management (SIEM) systems and network and system management (NSM) programs. Unlike other products, SIEMLink™ requires no special coding or systems integration work to link an organization’s existing SIEM with NextGen. NetWitness NextGen customers can now greatly augment and empower any existing SIEM, intrusion detection or logging console, or enterprise network management system with zero integration effort.
“In order to effectively ensure security, organizations often need forensic evidence and detailed analytics beyond those provided by the alerts of IDS, ADS, and SIEM products,” said Michael Montecillo, Analyst with Enterprise Management Associates. “SIEMLink bridges the gap between high-level alerts and the information necessary to detect issues such as zero day attacks, designer malware and false positives. Moreover, SIEMLink provides the live threat intelligence to investigate, classify and resolve dangerous issues before they become a financial or reputation nightmare.”
“Anyone who has spent a lot of time in a security operations center knows how difficult it can be to respond effectively and decisively to security events without adequate analytics or when critical threat intelligence information is lacking,” said Tim Belcher, Chief Technology Officer of NetWitness Corporation. “With last year’s introduction of Informer, NetWitness has been able to send application layer and content alert information into SIEM-like environments. We are now pleased to release SIEMLink™ because it gives security operations folks what they have been lacking to get the job done – detailed contextual analysis of every event that occurs on the network, and answers to the threat-related questions they face on a daily basis. In other words, we can augment a SIEM deployment very efficiently by both pushing information into the SIEM as well as helping people respond to SIEM information presented to them.”
NetWitness SIEMLink™ is available immediately to all NetWitness NextGen customers. SIEMLink is one of many applications and utilities developed for the NetWitness NextGen security monitoring framework that leverage its “record once / re-use many times” architecture. NetWitness supports customers by providing optimal network security monitoring solutions that can be tightly integrated with current security investments.
About NetWitness NetWitness Corporation provides patented next generation security monitoring products that enable organizations to achieve Total Network Knowledge™. Users of NetWitness NextGen can concurrently solve a wide variety of network and security problems, including, insider threat management, data leakage protection, malware activity detection, network performance management, and compliance verification. NetWitness Investigator and Informer provide definitive answers to tough security problems and threats through automated and interactive network understanding of application layer data and related content. Originally, developed for the US Intelligence Community, NetWitness has evolved to provide enterprises with breakthrough methods of network content analysis and risk determination. Customers include Defense, National Law Enforcement and Intelligence Agencies and Fortune 1000 organizations. To evaluate NetWitness in your environment, please email sales@netwitness.com. For additional information, please visit www.netwitness.com.