This product offering is the next evolution of what I've been doing at IBM. Finally, a public announcement!!
* Facilitating compliance by using centralized dashboard and reporting capabilities.
* Helping to protect intellectual property and privacy by auditing the behavior of all users — privileged and nonprivileged.
* Managing security operations effectively and efficiently with centralized security event correlation, prioritization, investigation, and response.
IBM Tivoli Security Information and Event Manager V1.0 offers:
* Integration and exchange of events between IBM Tivoli Security Operations Manager and IBM Tivoli Compliance Insight Manager correlation engines.
* New endpoint pricing for both security incident and audit log collection.
Security information and event management (SIEM) is a primary concern of CIOs and CSOs in many enterprises and organizations. There is a need to centralize security-relevant events and analyze the consolidated data to obtain valuable security and compliance insights.
IBM offers two complementary perspectives on SIEM:
* A real-time, network event-oriented management dashboard that facilitates attack recognition and security incident management.
* An information analysis dashboard to monitor how well an organization adheres to its security and governance policies.
IBM Tivoli® Security Information and Event Manager V1.0 is comprised of two products that work closely together to help realize the full promise of enterprise SIEM: IBM Tivoli Security Operations Manager V4.1 and IBM Tivoli Compliance Insight Manager V8.5. Now you can centralize log collection and event correlation across the enterprise, and can leverage an advanced compliance dashboard and regulatory compliant reports to link security events and user behavior to corporate policies.
Tivoli Security Information and Event Manager V1.0 delivers a foundation from which to address your SIEM requirements — now and into the future. As a result, IT organizations can lower their exposure to security breaches; control the costs of collecting, analyzing, and reporting on compliance related events; and manage the complexity of heterogeneous technologies and infrastructures. IBM Tivoli Security Information and Event Manager offers end-to-end capabilities including:
* Security compliance dashboard.
* Security operations dashboard for security incident management.
* Real-time log aggregation, correlation, and analysis of security incidents.
* IT operations integration.
o Recognize, investigate, and respond to security incidents automatically.
o Streamline incident tracking, handling, and resolution.
* Mainframe, operating system, application, and database audit analysis.
* Privileged user monitoring and auditing (PUMA).
* Log management reporting.