SIEM Application Integrations
Powerful out-of-the-box integrations so you can monitor all of your critical assets in one place
Most SIEM solutions monitor standard datasources, which include operating systems like Windows and Linux, routers and switches, firewalls, databases, and servers. Event Manager allows you to connect these datasources as quickly as possible with out-of-the-box, pre-configured templates that can begin auditing for standard data as soon as it is connected to a newly created asset. Default collection settings remain flexible, allowing you to tailor each asset as needed.
Connecting third party applications to Event Manager centralizes your security even further, and allows for additional event correlation, providing even more evidence to security analysts to identify and remediate threats. Have an in an asset that’s vital to your organization but doesn’t have a built-in template? Event Manager provides normalized event data for non-traditional assets including homegrown databases, ensuring that no device is left behind.
Monitor Diverse Datastreams with Third Party Integrations
Every organization is different and has their own unique profile of solutions which are also critical to monitor. Connecting third party applications to Powertech Event Manager centralizes your security even further, and allows for additional event correlation, providing even more evidence to security analysts scrutinizing the environment for threats of any kind.
Have an in an asset that’s vital to your organization but doesn’t have a built-in template? Event Manager can still provide normalized event data for non-traditional assets like homegrown databases, ensuring that no device is left behind.
Examples of Assets with Built-in Templates
AWS Cloud Trail
Monitor cloud environment user activity, user management, and system management events like:
- User logins
- Device registrations
- Security configuration changes
Barracuda WAF
Monitor access, audit, firewall, and system log events like:
- Version modification
- Configuration rule change
- Network access status
- User command executions
Palo Alto
Monitor system activity, system management, and user activity events like:
- Vulnerability detection
- Flood detection
- Successful logins
- Virus scan status
SWIFT
Monitor system management, users’ management, and user activity events like:
- Object backup
- Inactivity timeouts
- Password modification
- Login status
Want to see how Event Manager monitors all of your diverse assets? Watch a short demo to see it in action.
Other Popular Integrations Available Include Products By:
Arcsight
Attivo Networks
Barracuda
CA Technologies
Check Point
Cisco
CyberArk
Db2 for i
FireEye
Firewalld
IBM
Imperva
Intel
Juniper
Medio Electrónico de Pagos (MEP)
Microsoft
Sistema de Operaciones Electrónicas (SIOPEL)
Symantec
Trend Micro
Fortra Product Integrations
Event Manager has a strong alignment with other Fortra solutions, providing a seamless transition between products, and a streamlined security portfolio.
Powertech Antivirus Integration
Powertech Antivirus is a powerful enterprise malware solution that provides protection for multiple platforms, including Linux, PowerLinux, IBM i, and AIX. With this built in integration, users can take full advantage of the Powertech security suite. Security teams can monitor data to check for events including update information, scan results, and software status information. Some examples include:
- Quarantined files
- Virus detection
- Scan completion
- File definition updates
- Startup and shutdown
Core Privileged Access Manager (BoKS) Integration (PAM Software)
Core Privileged Access Manager (BoKS) is a Privileged Access Management solution (PAM) that centralizes management of Linux and UNIX server environments. Following the principle of least privilege, user credentials are administered using granular access controls. Integrating BoKS allows you to monitor system management, user management, and user activity, like:
- User creation and deletion
- User modifications
- Group creation and deletion
- Attribute modification
- Temporary privilege usage
Security Auditor Integration (Policy Management Software)
Security Auditor automates security administration and policy compliance across cloud, on-premises, or hybrid environments. It enforces adherence and mitigates risks like misconfiguration. Integrating Security Auditor allows you monitor server activity and policy changes, such as:
- Server addition or deletion
- Permission changes
- Attribute changes
- Compliance check results
Intermapper Integration
Intermapper maps your topology, providing a comprehensive picture of your network in real time. Integrating Intermapper allows you to discover and receive asset notifications, including:
- Device status
- Bandwidth threshold
- Outages
- Memory failure
Powertech Exit Point Manager for IBM I Integration (SIEM agent)
Powertech Exit Point Manager for IBM I is a robust intrusion prevention and detection solution. Security teams can track, and control access to system data, ensuring compliance with security policies. Integration with Exit Point Manager allows you to monitor network access data, including:
- Unauthorized access attempts
- Member addition and deletion
Powertech Authority Broker for IBM i
With Powertech Authority Broker for IBM i, administrators can predefine users that are allowed to use elevated levels of authority. Users “swap” into the privileged profile only for the specific window of time that they need it. Integrating Authority Broker allows you monitor activity that may occur during the swap, such as:
- Beginning and ending of profile swap
- Timed switch performed
- Action failure
Automate Integration
Using the Automate integration, you can take action on security alerts monitored in Event Manager. Automate enables a corrective process to be automatically triggered when a problem is detected. For example:
- Disabling a user account associated with a denial of service (DOS) attack
- Unlocking pre-approved user accounts
- Launching Antivirus software
Try Event Manager for Yourself
See how Event Manager streamlines incident response and translates data into actionable intelligence with a free 30 day trial.