
Security Events Management

Security Events Management (SEM) is the process of collecting, categorizing and correlating the events generated by the various security controls and security mechanisms that are usually deployed in an IT environment, and disseminating them to the security administrator.

Expertnet offers a comprehensive SEM solution, based on the CA Security Command Center (SCC) solution developed by Computer Associates. The solution has a proven architecture and rich functionality, and has been deployed in a large number of installations worldwide.

The CA Security Command Center gathers business intelligence by aggregating, reducing, correlating and prioritizing disparate security data from security devices, software technologies and assets across your organization. It then converts and prioritizes this large volume of data into intelligent, actionable information that can be managed from a single, centralized console.

CA Security Command Center displays this data in an understandable, visual format that represents the information in context to your organization’s business priorities. The solution’s centralized command and control console and alerting features let you quickly take action and remediate threats, decreasing the risk of your business-critical systems being compromised, minimizing downtime and helping to ensure business continuity.

SEM Functionality

The SEM solution allows our customers to take advantage of the following functionality:

  • Security event prioritization and status monitoring — prioritizes disparate security data from multiple security technologies by converting it into actionable information.
  • Out-of-the-box correlation tools — delivers a library of predefined correlation rules specifically designed for analyzing security threats.
  • Extensive correlation capabilities — correlates data across an extensive assortment of third-party security devices and software technologies.
  • Advanced alerting and visualization — includes a single console for viewing your real-time network security status.
  • Policy-based event notifications targeted to specific roles within your enterprise.
  • Real-time response — offers mechanisms that allow your organization to quickly resolve a security event through incident management, deploying a remediation or deploying a technician through a trouble ticketing system.
  • Reporting and investigative capabilities — measures real-time security status and compliance through summary and detailed reports provided out of the box.
  • Architectural flexibility and scalability — fits the needs of diverse enterprises by allowing you to leverage its flexible deployment of agent-based or agentless event collection capabilities.
  • Product integration kits for more than 100 third-party and CA products.
  • Validated security knowledge — delivers web update services to provide the latest library and template correlation rules validated by CA’s security experts.