A daunting challenge for IT security staff is sorting through thousands of security events from disparate sources in order to take appropriate mitigation action. Given the proliferation of specialized security solutions and functional silos throughout the enterprise, pinpointing the critical security events that warrant further analysis and action is a non-trivial task. Wide-scale deployment of BYOD and Internet of Things (IoT) devices in an enterprise exacerbates this problem by dramatically increasing the number of security events generated.
Network Sentry features a built-in, two-stage correlation engine that ingests security events from disparate sources. Once correlated across those sources, a security event of interest can be prioritized based on the contextual information associated with the endpoint in question.