SentryWire can help with the Maturity Model for Event Log Management (M-21-31)
SentryWire is a comprehensive and flexible solution that can help organizations meet the requirements of the Federal Government’s Maturity Model for Event Log Management. With its powerful logging and analytic capabilities, SentryWire provides organizations with the tools they need to ensure the security and reliability of their IT systems and data.
How SentryWire Helps Secure ICS/OT Networks
SentryWire has been designed as a cost-effective long-term packet store with full Network Security Monitoring (NSM) for on-demand or live examination of network activity. It includes an on-system Intrusion Detection System (IDS), a file carving engine, and advanced network analysis that generates logged events of interest for review.
Bolster Your Defenses & Hunt Down APTs
How SentryWire Can Help
The threat landscape is ever-changing, and organizations need to be prepared to react to breaches. They need to be able to identify attack tactics, techniques, and Indicators of Compromise (IOCs) relating to Advanced Persistent Threat (APT) activity.
SentryWire leverages a combination of network detection mechanisms to provide flexible, lightweight, and adaptable Network Security Monitoring capabilities for analysts tasked with hunting for intrusions and monitoring their networks for anomalies. These types of intrusions are often hard to detect with signatures and rules alone.
In-line File Carving (Two Methods)
SentryWire supports two methods of file carving. Live file carving lets analysts set specific file types to carve automatically. Search-based (on-demand) file carving identifies any files returned as part of a search and makes them viewable and exportable as fully reconstructed files. In addition to the carved files, SentryWire logs every file that is captured; the file logs include MIME type, hash and rich contextual metadata.
Single Management Pane
SentryWire collects and analyzes massive amounts of data generated by your network infrastructure. Easily see everything you need from a single management pane.