HAWK Network Defense - Solutions - Security Event Correlation |
Security Event Correlation (SEC) is one of the most crucial components essential to effective SIEM operation, and this is where HAWK has no equal.
Effective correlation only occurs only when the security process workflow can capture and analyze all of the relevant information for every device and source on a network. HAWK solves the problem of capturing and correlating massive amounts of data and gives you the ability to relate and analyze events from a variety of vendors, intrusion detection devices, and all event-generating sources across the infrastructure.
Additionally, HAWK capabilities extend far beyond the simple collection, normalization, and prioritization of event data and give you the ability to consolidate data in a contextual setting and apply it to meaningful, comprehensive policies to yield useful, actionable information.
HAWK’S EyeCon ability to correlate Big Data allows for the security practitioner to focus on actionable security events. |
| • |
Ability to collect, correlate, and manage Big Data |
| • |
Parallel queries against multiple data base shards/Grid Architecture |
| • |
True many to many correlation |
| • |
Configurable scoring system |
| • |
Deliver actionable security events |
| • |
Complete reporting for Regulatory Compliance |
|
|
