SIEM Application Integrations

Powerful out-of-the-box integrations so you can monitor all of your critical assets in one place.

Most SIEM solutions monitor standard data sources, which include operating systems like Windows and Linux, routers and switches, firewalls, databases, and servers. Event Manager allows you to connect these data sources as quickly as possible with out-of-the-box, pre-configured templates that can begin auditing for standard data as soon as they are connected to a newly created asset. Default collection settings remain flexible, allowing you to tailor each asset as needed.

Connecting third-party applications to Event Manager centralizes your security even further and allows for additional event correlation, giving security analysts more evidence to identify and remediate threats. Have an asset that’s vital to your organization but doesn’t have a built-in template? Event Manager provides normalized event data for non-traditional assets, including homegrown databases, ensuring that no device is left behind.

Monitor Diverse Datastreams with Third Party Integrations

Every organization is different and has its own unique profile of solutions that are also critical to monitor. Connecting third-party applications to Powertech Event Manager centralizes your security even further and allows for additional event correlation, giving security analysts scrutinizing the environment even more evidence of threats of any kind.

Have an asset that’s vital to your organization but doesn’t have a built-in template? Event Manager can still provide normalized event data for non-traditional assets like homegrown databases, ensuring that no device is left behind.

Examples of assets with built-in templates include:

AWS CloudTrail

Monitor cloud environment user activity, user management, and system management events like:

  • User logins
  • Device registrations
  • Security configuration changes

Want to see how Event Manager monitors all of your diverse assets? Watch a short demo to see it in action.

Other popular integrations available include products by:

ArcSight
Attivo Networks
Barracuda
CA Technologies
Check Point
Cisco

CyberArk
Db2 for i
FireEye
Firewalld
IBM
Imperva
Intel

Juniper
Medio Electrónico de Pagos (MEP)
Microsoft
Sistema de Operaciones Electrónicas (SIOPEL)
Symantec
Trend Micro

HelpSystems Product Integrations

Event Manager aligns closely with other HelpSystems solutions, providing a seamless transition between products and a streamlined security portfolio.

Powertech Antivirus Integration

Powertech Antivirus is a powerful enterprise malware solution that provides protection for multiple platforms, including Linux, PowerLinux, IBM i, and AIX. With this built-in integration, users can take full advantage of the Powertech security suite. Security teams can monitor data to check for events including update information, scan results, and software status information. Some examples include:

  • Quarantined files
  • Virus detection
  • Scan completion
  • File definition updates
  • Startup and shutdown

Identity & Access Manager (BoKS) Integration (PAM Software)

Identity & Access Manager (BoKS) is a Privileged Access Management (PAM) solution that centralizes management of Linux and UNIX server environments. Following the principle of least privilege, user credentials are administered using granular access controls. Integrating BoKS allows you to monitor system management, user management, and user activity, like:

  • User creation and deletion
  • User modifications
  • Group creation and deletion
  • Attribute modification
  • Temporary privilege usage

Network Insight Integration (Advanced Threat Detection Software)

Network Insight is an advanced threat detection solution that confirms infections with certainty, providing definitive evidence. This enables security teams to respond rapidly, preventing damage to the environment. Integrating Network Insight allows you to monitor threat evidence and other system activities, such as:

  • Malware detection
  • Suspected asset
  • Expired asset
  • Sensor status
  • User logins

Security Auditor Integration (Policy Management Software)

Security Auditor automates security administration and policy compliance across cloud, on-premises, or hybrid environments. It enforces adherence and mitigates risks like misconfiguration. Integrating Security Auditor allows you to monitor server activity and policy changes, such as:

  • Server addition or deletion
  • Permission changes
  • Attribute changes
  • Compliance check results

Intermapper Integration

Intermapper maps your topology, providing a comprehensive picture of your network in real time. Integrating Intermapper allows you to discover and receive asset notifications, including:

  • Device status
  • Bandwidth threshold
  • Outages
  • Memory failure

Powertech Exit Point Manager for IBM i Integration (SIEM agent)

Powertech Exit Point Manager for IBM i is a robust intrusion prevention and detection solution. Security teams can track and control access to system data, ensuring compliance with security policies. Integration with Exit Point Manager allows you to monitor network access data, including:

  • Unauthorized access attempts
  • Member addition and deletion

Powertech Authority Broker for IBM i

With Powertech Authority Broker for IBM i, administrators can predefine users that are allowed to use elevated levels of authority. Users “swap” into the privileged profile only for the specific window of time that they need it. Integrating Authority Broker allows you to monitor activity that may occur during the swap, such as:

  • Beginning and ending of profile swap
  • Timed switch performed
  • Action failure

Automate Integration

Using the Automate integration, you can take action on security alerts monitored in Event Manager. Automate enables a corrective process to be automatically triggered when a problem is detected. For example:

  • Disabling a user account associated with a denial of service (DoS) attack
  • Unlocking pre-approved user accounts
  • Launching Antivirus software

Try Event Manager for Yourself

See how Event Manager streamlines incident response and translates data into actionable intelligence with a free 30-day trial.
