EventTracker Essentials Datasheet - Netsurion
Powering Secure and Agile Networks
EventTracker Essentials
Turnkey managed threat protection purpose-built for small businesses
Overview
Simplify cybersecurity with a complete managed security service and platform to predict, prevent, detect, and respond to threats across your entire customer base. Fight through the noise of millions of events and incidents with AI-driven intelligence in EventTracker from Netsurion to get right at what matters most: protecting the data and assets of your end customers. Optimize your time and priorities with comprehensive reports, dashboards, and compliance insights.
Management | Monitoring & Alerts | Detection & Response | Compliance Reports
EventTracker is a recognized, award-winning platform tailor-made for multi-tenant environments like yours.
• Cloud-hosted SIEM
• 24/7 monitoring
• Daily security report
• Detect file modifications (FIM)
• Multi-Factor Authentication (MFA)
• Minimize false positives
• Full remediation recommendations
• Secure and centralized
• 400 day log archives
• Threat dashboard
• Comprehensive threat intelligence sources
• Insider threat protection
• Prioritize vulnerabilities
• Predict unknown threats
• Host-based IDS
• Flexible vulnerability scans
• Incident response (IR) support
• Zero-time prevention
• PCI DSS
• GDPR
• HIPAA
• NIST 800-171
©2021 Netsurion, LLC
netsurion.com
Sample Alerts and Reports
Provides out-of-the-box reports for Firewalls, Microsoft 365 and Windows, and Other Devices.
Critical Threats
• Terminate processes with unsafe hash or low reputation IP addresses
• Potential breach from low reputation IP addresses
• Anomalous login detection and blocking
• Mapped to MITRE ATT&CK® techniques
High Risk Activity
• Windows audit log cleared
• Users added to domain admin or local admin group
• Active Directory Enumeration attempt detected
• Lateral network movement
Suspicious Activity
• New TCP port started listening
• Active directory group policy change
• Admin remote logon success
• External media inserted
• New Windows audit policy and account management activity
• New Windows software install activity
• New Windows user location affinity
• PowerShell running suspicious commands
• Unusual IP address activity
• User account added, deleted, or disabled
• Suspicious exploit tool detected
Sensor Specifications
• Windows 7 and higher
• Windows 2008 R2, 2012 R2, 2016, and 2019
• Windows Embedded POS Ready
Zero-Time Endpoint Protection
EventTracker Endpoint Security combines Netsurion’s managed threat protection platform along with deep learning and a predictive threat protection solution under a single 24/7 SOC. This combination of artificial and human intelligence prevents and blocks advanced threats with the broadest attack surface protection against 100 file types. We enable stronger yet simpler cybersecurity against Zero-day threats, ransomware, APTs, and file-less attacks with unmatched accuracy and speed, even when devices are offline.
Advanced Vulnerability Management
Continuous vulnerability management is the foundation of proactive cybersecurity, moving beyond compliance and reactive measures like firewalls to address advanced threats. Vulnerability assessment begins with understanding your risk profile and identifying your network’s vulnerable systems. As a fully managed service, EventTracker Vulnerability Management simplifies day-to-day vulnerability detection to pinpoint gaps and prioritize remediation recommendations.
Supported Logs
• Barracuda NG F-Series
• Cisco ASA
• Cisco Meraki
• Cisco Umbrella OpenDNS
• Microsoft Defender Antivirus
• Microsoft Windows
• Microsoft Active Directory
• Microsoft 365
• Palo Alto Networks PanOS v 2.0 onwards
• Fortinet
• Juniper Junos 11.4 onwards
• SentinelOne
• SonicWall UTM
• Sophos SG
• Sophos XG
• Untangle
• WatchGuard XTM
• Webroot SecureAnywhere
Additional log sources are available.