Request an Advisor
Get Listed

Tenable Log Correlation Engine™

by Tenable Network Security

Product Information  

Tenable Log Correlation Engine™

Category: Security Information and Event Management

Product Description

A Different Approach to SIEM

Tenable's security information and event management (SIEM) solution leverages the log management capabilities of the Log Correlation Engine (LCE) to collect all logs, software activity, user events, and network traffic. It analyzes all data for correlated events and impact on security and compliance posture. Event context and threat-list intelligence about any system is provided by Tenable Nessus vulnerability and configuration scans and real-time monitoring with the Tenable Passive Vulnerability Scanner (PVS).

  • Alerting - Configure and receive automatic alerts based on customized event thresholds. 
  • Event Correlation - Multiple forms of event correlation are available for all events including statistical anomalies, associating IDS event with vulnerabilities, and alerting on 'first time seen' events. 
  • Log Normalization - Normalize, correlate, and analyze user and network activity from log data generated by any device or application across the enterprise in a central portal. 
  • User Monitoring - Monitor user activity. Associate events such as a NetFlow, IDS detection, firewall log activity, file access, system error, or login failure with specific users for easy reporting and insider threat detection.
  • Full Log Indexing & Search - All logs are compressed and stored, whether they are normalized according to a rule or left raw. Using full-text search, you can rapidly search logs for keywords, user names, IP addresses, and many other terms. Log searches are stored with an independent checksum and can be re-launched at any time.
  • NetFlow Analysis - Each instance of the Tenable LCE includes agents for many different platform technologies. They can collect NetFlow traffic logs from routers, switches, and other network devices. 
  • Malware Detection - The Tenable LCE Windows client monitors all processes running on Windows machines for malware processes, and can alert the security team if malware is discovered.
  • Network Content Analysis - Analyze network traffic in real-time with Tenable PVS. It produces an accurate vulnerability report and a real-time forensic log of network events such as shared files, DNS lookups, and social network activity.


Vendor Information


Our Company

Tenable Network Security is at a transition in cybersecurity technology that will change the way companies protect their networks. Tenable started the revolution when one of its co-founders created the Nessus® vulnerability scanner, the first robust solution for detecting vulnerabilities that viruses and hackers can exploit. The Tenable platform has evolved into today's most powerful vulnerability and threat detection technology.

Our Mission

Tenable founders Ron Gula, Renaud Deraison, and Jack Huffard build technology that secures and protects any device from threats on the Internet – malicious software, hackers, viruses, and more. Tenable wants its customers and every company to have access to the latest and best technology that will ensure they stay connected, online, and in business.

Our Technology

Tenable SecurityCenter™ is the trusted cybersecurity platform in use throughout the U.S. Department of Defense (DoD) and by many of the Fortune 500's. These institutions trust Tenable to alert them to threats that could bring down their networks. Nessus, the heart of Tenable’s platform, has more than one million users – protecting almost every major enterprise network in the world.