To be effective in network defense, and not just for forensic analysis, the network and security event data must also be analyzed and correlated in real-time. This information needs to be manageable and actionable as well. Forensics are not enough. Real-time analysis, event correlation and active response are the basis for next generation technology that provides organizations with visibility into their networks and a defense against insider abuse and network attacks.
SolarWinds was the pioneer and remains the leader in automated remediation through intelligent correlation. It ships with the industry’s largest arsenal of actions that can be linked directly to correlations, and utilizes a proprietary action framework to communicate directly with network infrastructure devices and host operating systems, providing network defense coverage from the perimeter to the endpoint. SolarWinds can actively defend the network through highly targeted correlation rules, behavior analysis and integration with network infrastructure. The defensive arsenal includes the ability to quarantine, block, route and control services, processes, accounts, privileges and more.