Vanguard announces support of Security Information and Event Management (SIEM)

 

The need for early detection of targeted cyber attacks and data breaches is driving the  requirement for SIEM support.

SIEM is an approach to security management that seeks to provide a holistic view of an organization’s information technology security.

Vanguard Security Solutions

Cloud Authentication provides the control required across the enterprise, supporting any SAML based cloud including Google, Yahoo, Sales Force, Microsoft 365, LinkedIn and any other Security Assertion Markup Language cloud.

Continuous Monitoring of information systems security provides organizations with near real-time information about security breaches and changes in security controls reducing risk, exposure and vulnerabilities.

GDPR is designed to give individuals better control over their own personal data and establish a single set of rules across Europe.

Protecting the confidentiality, integrity and availability of patient information is no longer just a best practice for healthcare organizations, HIPAA a legal requirement.

Vanguard’s HITRUST solution is a comprehensive, standards based solution solving the complex challenges that face the Health Information Trust Alliance (HITRUST).

Vanguard’s IAM automates and simplifies z/OS® security server security and compliance administration tasks and enhances delegation capabilities and identity governance.

Vanguard’s PCI security solution helps determine your level of compliance with PCI, as well as validate your adherence to PCI requirements.

Sarbanes-Oxley (SOX) solutions from Vanguard enable organizations to automate the entire compliance lifecycle – from design and documentation, through test, review, approval and certification – reducing the cost and complexity of compliance.

Replace z/Secure – Upgrade to the Next Generation of Cyber Security.

SIEM provides a holistic, unified view into not only the infrastructure but also workflow, compliance and log management. SIEM can provide a multitude of capabilities and services efficiently.

 

The SIEM requirement is driven by customer needs to apply security analytics to event data in real time for the early detection of targeted attacks and data breaches and to collect, store, analyze and report on log data for incident response, forensics and regulatory compliance.

 

Vanguard’s new Active AlertsTM  offering provides the ability to continuously monitor security related events at the system and or user-specified level. When an event occurs, Vanguard Active Alerts will notify the SIEM in order for enterprises to take decisive action and make critical business decisions.

 

SIEM is supported across the Vanguard enterprise security software suite, through our Active Alerts solution. Today we support ArcSight®, CorreLog®, LogPoint® and Splunk® offerings along with any other SIEM capable of consuming SYSLOG formatted messages.

 

The SIEM provides a holistic, unified view into not only the infrastructure but also workflow, compliance and log management. SIEM can provide a multitude of capabilities and services efficiently.

 

At the core, SIEM provides Data Aggregation, Correlation, Alerting, Dashboards, Compliance, Retention and Forensic Analysis.

 

Key Takeaways

  • Vanguard supports SIEM within the Active Alerts solution.
  • Vanguard supports ArcSight, Correlog, LogPoint and Splunk today.
  • Vanguard can work with any other SIEM capable of consuming SYSLOG formatted messages.