
Netsurion EventTracker

Netsurion's latest release of EventTracker includes EventTracker EDR (Endpoint Detection and Response), which protects against threats and the lateral movement of attacks by giving organizations visibility into potential risks as they develop, so that responses can be fast-tracked before damage occurs. It is set up to deliver protection for endpoints of any size. It is offered on-premise or in the cloud to give security analysts the efficiency they need to help their organizations address security and make team members of all skill levels more productive. It features extensive reporting options, including preconfigured reports to support regulatory requirements, and recently added GDPR support.

As far as installation goes, Netsurion did a superb job of making it as painless as possible and suitable for any experience level. A pre-install checklist shows everything that must be configured or installed prior to the installation of EventTracker, and the installation guide is easy to follow. The sensors can be deployed either through the command prompt or via the GUI in an MSI installation. Both were very straightforward, though do not expect to complete this setup in under two hours.

When logging into EventTracker you arrive on the home page, not to be confused with the dashboard. This gives an overview of potential cyber breaches, indicators of compromise, potential insider threats, and non-reporting systems, each presented in a different color. The home page is designed to bring your attention to all potential security issues quickly. Widgets fill up the page between the navigation pane and the administrator drop-down menu at the top. The menu has a variety of options such as alerts, diagnostics, event filters, and more. Each widget can be moved and edited with a selection of configurations. EventTracker is also available as a managed service called SIEMphonic, in which the company's own SOC team, operating 24/7, performs those functions on behalf of its customers.

Incident response playbooks are provided for organizations that may need more of a walkthrough. Unsupervised machine learning backs time series anomaly detection, the result of more than three years of development. It is designed to be simple enough for a junior security analyst. This solution also offers log search powered by Elasticsearch version 6, endpoint detection and response that can block unauthorized software installation, ready-to-go actionable reports, geolocation display of threats, and more.

Pricing is for up to 50 endpoints and offered at $5,000 per year for Log Management and $11,000 per year for Security Center. Phone and email support are included and offered 8/5; 24/7 support can be purchased for an additional fee proportional to the license.

Tested by Matthew Hreben

Product title
Netsurion EventTracker
Product info
Vendor: Netsurion
Price: $4,000 per year for EventTracker Log Management and $11,000 per year for EventTracker Security Center up to 50 endpoints.
Contact: eventtracker.com
Strength
With the easy setup and thorough incident response playbooks, this is a suitable solution for any experience level.
Weakness
None that we found.
Verdict
This is a highly intuitive, customizable solution that aims to make using this effective security measure very straightforward.
