LogLogic bolsters security and compliance

LogLogic has announced three new products

LogLogic is diversifying its portfolio with the launch of three new products aimed at building on its log management expertise to help provide compliance management, security event management and database activity monitoring.

According to LogLogic's executive vice president of marketing and strategy, Dominique Levin, a large enterprise datacentre can generate about a terabyte of user log information every day.

"The real challenge is being able to turn this sea of data into useful information," she said.

"With databases being a central repository for information, they are a prime target for hackers, so the analysis and reporting needs to be done quickly and accurately if it's going to be of any use to enhancing database security."

Levin added that although most databases have their own internal logging systems, fully activating these can have a severe impact on performance and can also often be difficult to access and analyse quickly to detect suspicious behaviour or transaction patterns.

According to Levin, LogLogic's new platform automates the most challenging security and compliance processes by efficiently re-using the log data that organisations of all sizes already collect and archive.

"Built on the foundation of the LogLogic open log management platform, our new business applications unleash the power of logs while working together to deliver better compliance and information protection," she said.

The first in the new suite is LogLogic's Compliance Manager, which is designed to simplify regulatory compliance by fully automating approval workflows and review tracking. The company is using its open log management platform to provide a dashboard overview of an organisation's compliance status, as well as its log management back-end for historical and forensics analysis to map compliance reports to specific regulatory control objectives.

Second is the Security Event Manager, which is built in conjunction with security firm Exaprotect. This system is designed to use both platforms to perform complex event correlation, threat detection and security incident management workflow by analysing thousands of events in real-time from security devices, operating systems, databases and applications.

Lastly is the Database Security Manager, which can be used to monitor privileged user activities and protect data stored within database systems. It features granular policy-based detection and integrated prevention, as well as real-time virtual patching capabilities, thanks to a partnership with Centrigo.

As the tool provides an independent and over-arching audit trail, database administrators can more easily troubleshoot problems and security managers can independently monitor privileged users and enforce segregation of duties. Database events can also be sent to the Compliance Manager for regular review or to the Security Event Manager for further prioritisation and escalation.

LogLogic has made its Security Event Manager available now, while the Compliance Manager has been released to select customers and will be generally available in March 2009. The Database Security Manager is expected in the second quarter of 2009.