Event Correlation - The Heart of SIEM
The millions of events flowing through management consoles would be virtually useless if it wasn't for the analysis and correlation used to identify, notify and respond to suspicious behavior, malicious activity and policy violations.
TriGeo's EPIC Technology – Real-Time Analysis and Multi-Dimensional Correlation
TriGeo's event correlation, known as EPIC (Effective Policy through Intelligent Correlation), is patented technology designed specifically for high-performance, real-time analysis and multi-dimensional correlation.
TriGeo was the first SIEM product on the market to utilize 64bit, in-memory, technology to deliver multiple-event, field-level, non-linear correlation.
Performance is maximized because TriGeo's correlation engine isn't based on database or disk-based technology - there is no bottleneck associated with data insertion or query speeds.
What does this mean to your organization?
Complex correlations performed in real-time deliver a higher level of network security with lower administrative costs.
TriGeo SIM - Event Correlation Highlights:
♦ Real-Time Event Analysis
♦ In-Memory Processing
♦ Multiple-Event Correlation
♦ Non-Linear Correlation
♦ Intuitive Graphical Interface
♦ Arsenal of Active Responses
Sophisticated Event Correlation Technology
TriGeo ships with over 650 pre-built correlations that make this SIEM (security information and event management) solution usable right out of the box!
Consider these critical factors when evaluating event correlation products
Click here 
Powerful, Simple-To-Use Correlation Rule Builder
TriGeo ships with over 650 pre-built correlations, but even the most powerful correlation engine would be useless if it was difficult to build rules and tune them to your specific environment. TriGeo's rule builder employs a patent-pending graphical interface that was designed so anyone can use it.
TriGeo recognizes that few organizations have the luxury of full-time security teams, so our rule builder is designed to enable front-line IT personnel to quickly and efficiently build rules that make their lives easier. Naturally, these include security-focused rules, but it's common to build rules that address the daily IT headaches like account lockouts.
Now, you can see it for yourself...
Click the image on the right and watch as we construct a simple rule in under 60 seconds.
This specific example illustrates how easily TriGeo SIM can examine an event, look for discrete properties, and take a specific action.
In this case, we detect that someone has launched Solitaire, and immediately terminate the application. Naturally,
far more elaborate correlations are possible, but this illustrates the tremendous ease with which they can
be built - you won't find anything like it, anywhere on the market!
The ability to perform real-time event analysis and correlation is the single most important feature in evaluating a security information management system.
Looking for an SIM product? Consider the Top 8 correlation evaluation criteria
Click here
