HAWTHORNE, NJ, FEBRUARY 24th, 2014 – Stealthbits Technologies Inc., leading supplier of unstructured data and Microsoft infrastructure solutions, the release of a new connector for IBM Security QRadar® SIEM, which feeds QRadar real-time, detailed security and change event details from Active Directory, Exchange, and File Systems using Stealthbits’ StealthINTERCEPT real-time change and access monitoring platform. With this release, the StealthINTERCEPT Windows Activity Connector for QRadar will supply QRadar with broader, deeper, more surgical visibility into the change and access events occurring within AD, Exchange, and File Systems than native log facilities can provide alone, making the industry’s already leading SIEM platform even better.
The primary problem organizations face in connecting SIEM applications directly to Microsoft event logs is that there’s too much data, containing too little information. Active Directory Security Logs, for example, exclude critical change details made to Group Policy Objects; settings that could have far reaching affects from security and compliance to operations. Similarly, enabling diagnostic logging on Windows File Servers typically produces extensive resource overhead, causing servers to crash and outages to occur.
The QRadar/StealthINTERCEPT integration provides:
StealthINTERCEPT is already the market visionary on Active Directory, Exchange, and File System security monitoring and protection. With the additional context StealthINTERCEPT feeds to QRadar, customers will obtain a whole new level of insight into security threats and how malicious insiders and outsiders are gaining access to sensitive data and more.
Kevin Foisy, Chief Software Architect, Stealthbits Technologies, Inc.
“StealthINTERCEPT is more than just a sound investment for QRadar customers, for anyone running Microsoft technologies…it’s a must have. By injecting our interception technology directly into the OS security layer, StealthINTERCEPT is able to feed discreet and critical Active Directory security events into QRadar in real-time; you just can’t get this from native logs. And since Active Directory is the hub of security in the Microsoft world, you really need this integration to get the big picture; without it, you’re missing half the picture.”
The StealthINTERCEPT Windows Activity Connector for QRadar is now available worldwide.
For more information on the StealthINTERCEPT Windows Activity Connector for QRadar, visit https://stealthbits.com/stealthintercept-product/
© 2022 Stealthbits Technologies, Inc.