Common Event Log Format Collects and Aggregates Data for Analysis by ArcSight’s Security Information and Event Management Platform.
Online PR News – 16-November-2009 – – San Jose, CA, November 12, 2009 -- SkyRecon Systems (www.skyrecon.com), a provider of integrated, proactive endpoint security solutions, today announced that its endpoint security product StormShield has achieved Common Event Format (CEF) certification for the Security Information and Event Management Platform from ArcSight®, Inc. (NASDAQ: ARST).
ArcSight is a leading global provider of security and compliance management solutions that protect enterprises and government agencies. SkyRecon’s StormShield solution protects businesses from the real threats of data leakage, data theft, system misuse, unauthorized access, and zero-day attacks.
ArcSight’s CEF is an open log management standard that improves the interoperability of security-related information from different security and network devices and applications. CEF is based on expertise from building support for over 275 products across more than 35 solution categories and is the first log management standard to support a broad range of device types.
Events from each of StormShield’s endpoint security client will enable businesses to centrally collect critical operational activity related to the use of – or misuse of – their endpoint systems and the wired/wireless networks they are connected through, removable devices such as USB keys and mass storage drives, applications being installed, launched, or hi-jacked by the users or malicious code, and even file access activity as it moves from the endpoints to shared folders, through applications, or to removable devices.
Analysis of the collected endpoint information, in combination with the wealth of other log information collected through ArcSight’s solutions, will enable the automatic identification of security breaches, unacceptable use of corporate resources, and even exceptions to corporate and regulatory policy.
CEF is an extensible, text-based, high-performance format designed to support multiple device types from both security and non-security devices and applications, unlike other standards that target a single component of the security infrastructure, are tied to a specific transport protocol, or are designed specifically for applications and cannot support today’s high-performance, real-time security requirements.
The CEF connector allows ArcSight ESM to connect to, aggregate, filter, correlate, and analyze events from applications and devices which output their logs in the CEF standard, utilizing the syslog transport protocol. For example, you can use this powerful text-based log format to collect logs from your customized or home grown applications if you modify their output to the CEF standard.
Additional information on CEF can be found at: http://www.arcsight.com/solutions/solutions-cef/
SkyRecon Systems most recently announced the release of version 5.2 of its unified endpoint security product StormShield; services include device control, file-based content encryption, application control, host-based intrusion prevention (HIPS) and firewall, wireless security, and network access control (NAC).
Key to version 5.2 is the offering of both full-disk encryption and file-based encryption for system level protections, including transparent decryption.
About SkyRecon Systems Inc.:
Founded in 2003, SkyRecon Systems is a visionary global provider of endpoint protection platforms. With its award-winning and analyst-recognized endpoint security solutions, organizations are able to ensure protection and enforce policy for endpoint systems, applications, data and users upon which their business relies. The company is a contributing member of the SecureIT Alliance, has received the prestigious Red Herring 100 Award, and has been named "Entrepreneurial Security Company of the Year” by Frost & Sullivan.
SkyRecon, the SkyRecon logo, and StormShield are registered trademarks of SkyRecon Systems Inc. All other product or service names are the property of their respective owners.
Sean Martin, CISSP
SkyRecon Systems Inc
San Jose, CA