Log360 Can Now Secure and Audit Public Cloud Platforms and Streamline Security Incident Management
ManageEngine released enhancements to its SIEM solution, Log360, adding log management for AWS and Azure cloud environments as well as an incident management console to efficiently track and resolve security incidents. ManageEngine will give a hands-on demonstration of the latest version of Log360 at GISEC 2017 from May 21st to 23rd at the Dubai World Trade Centre.
“With businesses increasingly adopting cloud deployments, IT security administrators are now tasked with securing their cloud infrastructure as well. A SIEM portfolio ought to provide monitoring and auditing capabilities for public cloud platforms in order to truly achieve complete visibility into an organization’s IT,” said Manikandan Thangaraj, director of product management at ManageEngine.
When commenting on Log360’s new incident management system, Thangaraj added that, “The biggest challenge for a security operations center is early detection and mitigation of security threats. Real-time security alerts are a must, but administrators also need an efficient, accountable process for resolving incidents. And that is the problem we set out to solve.”
On top of existing support for physical and virtual environments, Log360 can now also collect, analyze, search, and archive logs from AWS and Azure to give key insights into activity on critical cloud resources.
- Adds comprehensive public cloud auditing for AWS and Azure to Log360’s SIEM arsenal.
- Monitors and secures cloud infrastructure with predefined reports and alert profiles.
- Tracks critical user activities, configuration changes, security group changes, business-critical applications, and more.
- Incident management system: Efficiently track, manage, and resolve security incidents.
Log360 now includes an incident management system that lets security administrators keep track of all the incidents arising in their network with a straightforward, built-in ticketing system. This feature allows administrators to:
- Create alert profiles to detect anomalous events in their network and automatically assign tickets to security administrators.
- Ensure accountability in a security operations center by easily tracking the entire incident resolution process.
- Add resolution notes to every incident, which can later serve as their organization’s knowledge and error database.
- Centralize their ticketing system by automatically raising a ticket in their help desk, including ServiceNow and ServiceDesk Plus, when Log360 triggers an alert.