EventTracker Essentials Datasheet - Netsurion


Post on 25-Apr-2022


Powering Secure and Agile Networks

EventTracker Essentials

Turnkey managed threat protection purpose-built for small businesses

Overview

Simplify cybersecurity with a complete managed security service and platform to predict, prevent, detect, and respond to threats across your entire customer base. Fight through the noise of millions of events and incidents with AI-driven intelligence in EventTracker from Netsurion to get right at what matters most: protecting the data and assets of your end customers. Optimize your time and priorities with comprehensive reports, dashboards, and compliance insights.

Management Monitoring & Alerts Detection & Response Compliance Reports

EventTracker is a recognized, award-winning platform tailor-made for multi-tenant environments like yours.

• Cloud-hosted SIEM

• 24/7 monitoring

• Daily security report

• Detect file modifications (FIM)

• Multi-Factor Authentication (MFA)

• Minimize false positives

• Full remediation recommendations

• Secure and centralized

• 400 day log archives

• Threat dashboard

• Comprehensive threat intelligence sources

• Insider threat protection

• Prioritize vulnerabilities

• Predict unknown threats

• Host-based IDS

• Flexible vulnerability scans

• Incident response (IR) support

• Zero-time prevention

• PCI DSS

• GDPR

• HIPAA

• NIST 800-171


©2021 Netsurion, LLC

netsurion.com

Sample Alerts and Reports

Provides out-of-the-box reports for Firewalls, Microsoft 365 and Windows, and Other Devices.

Critical Threats

• Terminate processes with unsafe hash or low reputation IP addresses

• Potential breach from low reputation IP addresses

• Anomalous login detection and blocking

• Mapped to MITRE ATT&CK® techniques

High Risk Activity

• Windows audit log cleared

• Users added to domain admin or local admin group

• Active Directory Enumeration attempt detected

• Lateral network movement

Suspicious Activity

• New TCP port started listening

• Active directory group policy change

• Admin remote logon success

• External media inserted

• New Windows audit policy and account management activity

• New Windows software install activity

• New Windows user location affinity

• PowerShell running suspicious commands

• Unusual IP address activity

• User account added, deleted, or disabled

• Suspicious exploit tool detected

Sensor Specifications

• Windows 7 and higher

• Windows 2008 R2, 2012 R2, 2016, and 2019

• Windows Embedded POS Ready

Zero-Time Endpoint Protection

EventTracker Endpoint Security combines Netsurion’s managed threat protection platform along with deep learning and a predictive threat protection solution under a single 24/7 SOC. This combination of artificial and human intelligence prevents and blocks advanced threats with the broadest attack surface protection against 100 file types. We enable stronger yet simpler cybersecurity against Zero-day threats, ransomware, APTs, and file-less attacks with unmatched accuracy and speed, even when devices are offline.

Advanced Vulnerability Management

Continuous vulnerability management is the foundation of proactive cybersecurity, moving beyond compliance and reactive measures like firewalls to address advanced threats. Vulnerability assessment begins with understanding your risk profile and identifying your network’s vulnerable systems. As a fully managed service, EventTracker Vulnerability Management simplifies day-to-day vulnerability detection to pinpoint gaps and prioritize remediation recommendations.

Supported Logs

• Barracuda NG F-Series

• Cisco ASA

• Cisco Meraki

• Cisco Umbrella OpenDNS

• Microsoft Defender Antivirus

• Microsoft Windows

• Microsoft Active Directory

• Microsoft 365

• Palo Alto Networks PanOS v 2.0 onwards

• Fortinet

• Juniper Junos 11.4 onwards

• SentinelOne

• SonicWall UTM

• Sophos SG

• Sophos XG

• Untangle

• WatchGuard XTM

• Webroot SecureAnywhere

Additional log sources are available.