• How to Buy
  • Contact us or one of our partners for information on how to buy
• Data Sheet
  • Learn more about NitroView ACE … download now
• Request a Demo
  • See how NitroView ACE can work for you … register now

The Industry's Most Advanced Correlation Engine for Security Information

NitroView ACE is a dedicated appliance that can be deployed alongside NitroView ESM to provide dedicate correlation logic that supplements NitroView ESM's existing event correlation capabilities. NitroView ACE goes far beyond typical event correlation by providing two important new capabilities that have never been seen before in a SIEM:

• The ability to detect and analyst threat activity by calculating a quantitative "risk score" with the NitroRSC correlation engine.
   
• The ability to replay historical logs and events against both NitroRSC, as well as new event correlation rules using traditional correlation logic.

There's no need to pause collection at the SIEM, even when replaying and correlating historical data, because NitroView ACE operates independently of NitroView's core collection, analysis and reporting functions. That means that you can perform unprecedented incident response and forensic investigations without impacting ongoing log collection and compliance efforts. And because NitroView ACE is a standalone appliance, there's absolutely no performance impact on the SIEM in terms of event collection and event management—allowing you to fully utilize all of NitroView ACE's correlation capabilities without compromise.

Like all NitroView products, NitroView ACE is fully integrated with NitroView ESM, and is fully managed from the same award-winning NitroView user interface, for a true "single pane of glass" experience.

NitroView ACE Overview

NitroView ACE is the only dedicated threat detection appliance available today, as well as the only "rule-less" correlation option available on the market. Rule-less correlation lets you tell NitroView ACE what's important to you—users or groups, applications, specific servers or subnets, virtually anything—and NitroView ACE will start scoring threat activity against it. As the score grows, yellow, orange or red alerts can be generated to notify you of increasing threats against those key systems and services.

• Identify threat levels against important assets, applications, users, etc. before an incident occurs 
• Use scores to generate alerts or open tickets to proactively remediate issues
• Leverage scores in "traditional" correlation rules, further reducing false positives from rule-based incident detection
• Produce complete audit trails for internal security plan reviews and compliance reporting.