SolarWinds has revamped its SolarWinds Security Event Manager, adding an interface that provides real-time “viewing, searching, and filtering” of log data to identify malicious activity, the company said.
“SEM is really made for today’s environment, providing an IT or security professional with increased visibility into cybersecurity vulnerabilities as well as the threat landscape as that continues to change and evolve,” Brandon Shopp, vice president, Product Strategy, security, SolarWinds, told CRN. “If you’re looking for a strong, on-prem solution that will provide you visibility into multiple dimensions then SEM is a great option.”
While the name is new, Shopp said Security Event Manager replaces and enhances the log and event manager product, which had been part of SolarWinds’ portfolio. He said in talking with users and interacting with the market, SolarWinds saw a need for a better data logging tool that included feature enhancements around the events console.
“There’s also a compliance angle as well that the product is very strong in, apart from threat detection,” Shopp said. “So if you’re in various compliance environments … then we’ve got reporting as well as capabilities in the product that will help you to adhere to those.”
A longtime SolarWinds partner who looked at the product, but has not used it, told CRN that SolarWinds makes great network monitoring tools, but isn’t known for being a security player.
“I don’t think it’s a bad product, but SolarWinds tools aren’t synonymous with cybersecurity. It’s not like when you think of AlienVault or one of the other products out there that you think of. When you think of security, SolarWinds doesn’t come to mind,” he said. “They’re known for enterprise network monitoring and management. What it looks like they did is they tweaked it to pick out more cybersecurity threats, now they’re offering it as a security product. I think they’re trying to stay relevant in a cybersecurity world, because that’s where all the appeal is.”
Shopp said Austin, Texas-based SolarWinds wanted to give security and IT professionals a console inside of a framework that is easy to use and consume, no matter their environment.
“We’ve added some additional filtering, some additional searching capabilities, specifically in our events console and our rules console,” he said. “We want to allow users to come at the data from multiple vectors, whether they’re looking at a raw stream coming in, or they want to look at it from a node perspective, and then, our connectors, we have tons of connectors that allows us to normalize data as it comes in.”
He said there are also updates to a file integrity monitoring tool, as well as built-in connector management that allows users to pull in and organize data. SEM is deployable on-prem or in Azure and AWS.
“MSPs that are in need of a security offering that is on-prem or if they want to host it in a public cloud, this is absolutely a solution they can leverage,” he said. “We’ve got various options depending on your organization’s structure and needs.”
As for price, Shopp said SolarWinds does not charge based on “ingestion” and tried to make pricing simple: the product starts at $4,665 and is priced by tiers, with customers buying into a size based on the needs of the workplace.
“Our goal with this is really to advance SolarWinds offerings that we felt weren’t really being addressed or met by enterprise level security software vendors that are out there,” he said. “Everyone has security needs. We want to provide a solution and an offering which can scale and address those large organizations, but can similarly address needs of those smaller organizations. Security is a need for everybody. It doesn’t matter who you are, or how big or small you are.”