CorreLog SIEM Solution Suite

CorreLog, Inc. supplies software-based solutions needed to implement or enhance SIEM and enterprise system management services. These standards-based components are easy to deploy and get started with, providing immediate return on investment. Additionally, these components provide the depth, interoperability, and flexibility required to furnish long life-cycles.

 

CorreLog SIEM Solutions Overview

CorreLog's solutions and services are designed for maximum interoperability, flexibility, and scalability. CorreLog can work either independently of, or alongside, other SIEM technology to improve threat management and incident response capabilities. We leverage your existing infrastructure and processes to deliver the fastest and best return on your existing investments. CorreLog offers a wide range of deployment options, including multi-tiered and/or highly centralized or decentralized environments, or any combination thereof. CorreLog offers data security managers a rapid and scalable solution to accommodate virtually any iteration and combination of environment architectures or existing SIEM solutions or applications. In sum, CorreLog's COTS software offers an existing and immediate approach to address the risk of inadequate or cumbersome threat detection and management, thereby avoiding costly, untested, or unnecessary delays associated with designing to-be-developed solutions.


Mainframe Solutions

CorreLog SIEM Agent for IBM z/OS featuring dbDefender™
CorreLog provides its unique z/OS MVS Mainframe Agent, which allows you to tap into the SMF and RACF security information of your mainframe LPARs. This agent integrates seamlessly into CorreLog, and gives you the ability to complete your security management by making mainframe security a standard part of your security operations.

The Agent for z/OS also features dbDefender™, which provides real-time monitoring for DB2. Any organization with PCI DSS or other industry standard considerations needs this up-to-the-second monitoring of DB2 to ensure compliance. dbDefender™ can be ordered as a component of SIEM Agent for z/OS or as a standalone product.

 

CorreLog dbDefender™ DAM Agent for IBM® DB2®

dbDefender™ Database Activity Monitoring (DAM) Agent for DB2 provides up-to-the-second DB2 monitoring and security alerts for mainframe event log correlation, delivered to CorreLog’s distributed SIEM system or any other SIEM, including Splunk, HP ArcSight, IBM QRadar, RSA Security Analytics, LogRhythm, Solutionary and many others. Your DB2 data is a high-value target for cyber criminals. Protect it with dbDefender™.

 

CorreLog IND$Defender™ for IBM z/OS

IND$FILE for Time Sharing Option (TSO) is a file transfer program that allows a user on a Windows-/UNIX-based PC to upload or download datasets from IBM z/OS. The security vulnerability with providing users the IND$FILE facility in IBM z/OS is that RACF (Resource Access Control Facility), the mainframe’s security program, does not audit IND$FILE.


 

CorreLog File Integrity Monitor (FIM)
As a standard feature, CorreLog Server includes a powerful File Integrity Monitor (FIM) agent for Microsoft Windows 32 and 64 bit systems, as well as for Linux, Solaris, AIX, and HPUX UNIX platforms. This simple-to-deploy agent provides a continuous test of file integrity (based upon directory paths and user-configured match patterns), supporting PCI-DSS requirements, as well as special applications such as Windows "Prefetch" monitoring, asset management, and change management.

 

CorreLog dbDefender DAM Agent for IBM z/OS for McAfee Data Center Security Suite

CorreLog has partnered with McAfee to provide a certified DAM agent for the McAfee Data Center Security Suite (a.k.a. McAfee DAM). The CorreLog dbDefender™ DAM Agent is the solution you need to monitor real-time security events for DB2 to minimize the risk to your most sensitive mainframe data.


 

 

CorreLog Visualizer for IBM z/OS

The CorreLog Visualizer is an affordable Security Information and Event Management (SIEM) system especially designed and pre-configured for use by z/OS security administrators and system programmers. It provides point-and-click functionality from a standard web browser into z/OS security and operational events. Visualizer provides dashboard views, event message correlation, and can send text messages as alerts of security events generated from z/OS.


 


 

Distributed Solutions

CorreLog SIEM Server
The flagship product of CorreLog is our SIEM Server, a 100% web-based message aggregation and correlation system designed to acquire high-speed, real-time information in the form of Windows event logs, syslog messages and SNMP traps. From this data, the CorreLog SIEM Server creates actionable tickets. We use sophisticated neural-network technology, auto-learning algorithms, semantic sensors, and other components to make sense of raw logfile messages.
 

Achieving SIEM Maturity from Day 1

Watch a presentation on how you can move your SIEM maturity multiple levels on Day 1 (from SC Congress eSymposium, August 2014).
 
CorreLog Change Tracker Enterprise
CorreLog Change Tracker Enterprise is a full-scale combination of configuration management and policy compliance that can be deployed enterprise-wide to ensure workstations and servers, as well as network devices, firewalls and directories, meet the organization's configuration policy. This product provides full-scale reporting and management of system health, availability, performance, users, compliance, configuration, changes to systems and asset management, all in one place.

CorreLog SyslogDefender™ for Reliable Transmission with Encryption and Authentication
The fuel that runs a security information and event management (SIEM) system is Syslog messages. Historically, Syslog messages were sent using User Datagram Protocol (UDP) as described in RFC 3164. Unfortunately, UDP provides neither reliable delivery nor encryption and authentication. SyslogDefender "wraps" all Syslog messages inside an encrypted and authenticated pipeline with a high degree of reliability that is traceable.
 
CorreLog Agent for SAP
The CorreLog Agent for SAP monitors system access to determine user activity related to system and profile changes, including logon and logoff events. This allows the system administrator to keep track of who is accessing the system by the activity they log while in the system.
 
CorreLog Agent for Windows
CorreLog furnishes its Windows Agent and Windows Tool Kit (WTS) to instrument Microsoft 200x, XP, Vista and Windows 7 platforms with standard syslog capability. This non-intrusive, feature-rich, standards-based agent is distributed free-of-charge to all interested organizations, to compensate for the lack of syslog support by Microsoft, and to help advance the state of the art for SIEM and systems management. The CorreLog Windows Agent is easy to deploy, satisfies a wide range of requirements, and works with any standards-based syslog collector.
 

CorreLog UNIX and Linux Agents
CorreLog does not require installation of any UNIX agent in order to fully manage UNIX platforms. However, for those organizations wishing to augment their existing UNIX syslog capability, CorreLog provides its UNIX Agent and Unix Tool Set (UTS), featuring remote filtering capabilities, remote management functions, and message encryption. These agents easily add new data sources for Solaris, Linux, AIX, and other popular UNIX platforms.
 


Other CorreLog Solutions

CorreLog For Enterprise Search
At the center of CorreLog's operation is our high-speed, web-based search engine. This facility allows you to search gigabytes of information, spanning multiple days or months, returning results within a few seconds. You are provided a single web-based console to search the logs of all the technology infrastructure at your site, in real time.
 

CorreLog Adapters and Plug-Ins

CorreLog employs a plug-in architecture that permits you to add new functionality to CorreLog based upon the specific objectives of your enterprise. We offer high-speed SNMP and Ping polling adapters, as well as more specialized components such as POP3 monitors, and our file integrity monitor software. CorreLog adapters are easily installed into the main CorreLog Server, and provide dashboard components, new processes, and new reporting facilities that can satisfy your highly specific requirements.
 

CorreLog TLS / AES-256 Encryption

CorreLog is a secure solution, employing many different layers of internal security. To further augment this security, CorreLog provides its TLS / AES-256 encryption component, meeting USA Federal Information Processing Standards (FIPS). This module provides unbreakable encryption, as well as functions such as self-test and secure key exchange. (Due to Federal Export restrictions on encryption technology, this component is available only to USA customers.)
 
Other CorreLog Framework Components
CorreLog is based on our open "Sigma Framework", which allows you to extend the range of functions through the addition of new screens, processes, dashboard elements, reporting functions, and other software. We provide a comprehensive API and documentation on the internal workings of CorreLog, and offer assistance via CorreLog support and formal professional services.

 
