CA Security Command Center
CA's combined Security Command Center and Audit appliance received the bronze medal, getting high marks for event correlation and containing a flexible policy definition.
Combined, the tools collect, aggregate analyze and then display security events across the enterprise.
CA Audit serves as the audit logs and security event collection and data repository. It uses agents installed on target systems for data collection. The software collects and filters event data and can automatically send an alert in the event of suspicious activity on the network.
CA Audit also provides centralized and role-based policy management and alert management. The tool supports the Windows, Linux and UNIX platforms.
The data collected via CA Audit is then sent to the Security Command Center, which analyzes and monitors events to aid in threat response.
In addition, the command center can correlate and uncover patterns to failed logon attempts and analyze database and mainframe data to expose patterns that could be suspicious. The resulting data is displayed on a single, centralized console that can be customized based on a user's role.