Its crucial for companies to make sense of critical security information pouring in from their various security systems. How does TriGeo SIM enable them to do this?
A significant percentage of TriGeo’s engineering effort is focused on event normalization. This is a critical, and often underestimated, first step in security event management. It’s during this process that we tune the Signal to Noise ratio. The reality is that 10,000 events might contain only a few dozen that should be monitored, and those need to be seen in context with information from multiple sources to truly evaluate. Our event-centric normalization facilitates this analysis, and distinguishes us from systems that are limited by device-centric aggregation. Once normalized, this data can be monitored in real-time, and mapped to specific policies. Policies that answer questions such as: At what threshold does an audit event become a security event? How should we respond when an attack is focused on a critical asset? Who should we notify of inappropriate web or network access attempts? The answers to these and dozens of other questions can be modeled in TriGeo SIM’s policies. This
Related Questions
- Its crucial for companies to make sense of critical security information pouring in from their various security systems. How does TriGeo SIM enable them to do this?
- How will alarm companies using various computer systems tap into the 911-center system?
- Who is Knight Security Systems and what makes us different from other companies?
