INTELLIGENT BRANDS // Cloud
ManageEngine strengthens its SIEM Solution with public cloud log auditing and incident management system
ManageEngine, the real-time IT management company, has released enhancements to its SIEM solution, Log360, adding log management for AWS and Azure cloud environments as well as an incident management console to track and resolve security incidents. ManageEngine gave a hands-on demonstration of the latest version of Log360 at GISEC 2017.
“With businesses increasingly adopting cloud deployments, IT security administrators are now tasked with securing their cloud infrastructure as well. A SIEM portfolio ought to provide monitoring and auditing capabilities for public cloud platforms in order to truly achieve complete visibility into an organisation’s IT,” said Manikandan Thangaraj, director of product management at ManageEngine.
When commenting on Log360’s new incident management system, Thangaraj added: “The biggest challenge for a security operations centre is early detection and mitigation of security threats. Real-time security alerts are a must, but administrators also need an efficient, accountable process for resolving incidents, and that is the problem we set out to solve.”
On top of existing support for physical and virtual environments, Log360 can now also collect, analyse, search, and archive logs from AWS and Azure to give key insights into activity on critical cloud resources.
[Photo caption: Manikandan Thangaraj, director of product management at ManageEngine.]
The system:
- Adds comprehensive public cloud auditing for AWS and Azure to Log360’s SIEM arsenal.
- Monitors and secures cloud infrastructure with predefined reports and alert profiles.
- Tracks critical user activities, configuration changes, security group changes, business-critical applications, and more.
Log360 now includes an incident management system that lets security administrators keep track of all the incidents arising in their network with a straightforward, built-in ticketing system.
This feature allows administrators to:
- Create alert profiles to detect anomalous events in their network and automatically assign tickets to security administrators.
- Ensure accountability in a security operations centre by easily tracking the entire incident resolution process.
- Add resolution notes to every incident, which can later serve as their organisation’s knowledge and error database.
- Centralise their ticketing system by automatically raising a ticket to their help desk, including ServiceNow and ServiceDesk Plus, when Log360 triggers an alert.