NIST says it best: “The routine analysis and review of security logs benefits organizations by identifying fraudulent activity, operational problems, policy violations, and security incidents, as well as provides the necessary information to help resolve these problems. Logs can also be useful for establishing baseline activity, exposing long-term problems, performing auditing and forensic analysis, and tracking operational trends.”
nDiscovery is a comprehensive, customized log inspection and analysis service that transforms your raw logs into valuable insight and actionable intelligence. nDiscovery’s sophisticated data analysis technology combined with human intelligence expertly mines the log data to identify events that may be putting your organization at risk.
Yes, nDiscovery is a cost effective SaaS! The service eliminates the need to invest in costly hardware devices, software applications, or dedicated resources. It works with the raw logs that are natively generated by network devices and applications, which are securely transmitted to the Sage SAS70/SSAE16 certified data center, subject to a customized code based inspection, and then expertly reviewed by nDiscovery analysts.
The most common logs reviewed by nDiscovery are generated by:
nDiscovery is designed to detect threats and identify “at risk” events, provide oversight for administrative and third-party management, and report on security-related operational issues.
nDiscovery reports are generated for each log cycle (generally 24 hours) and posted to the nDiscovery client portal. The reports provide a consolidated view of activity and are designed to be equally useful for both technical and non-technical personnel. Issues that require attention are designated an “nDiscovery Item” and are given prominence at the beginning of the report as well as posted on the nDiscovery Items page in the nDiscovery portal.
If an issue requires immediate attention, the reporting process is escalated and the client is contacted directly by phone and/or email.
Yes, our nAlert option provides you with real-time alerting of network events. Logs are collected every five minutes, and you are notified about specific events in real-time. The basic option delivers preconfigured alerts for critical security events. We also offer a premium option that gives you the
ability to configure the events for which you want to receive notification.
Notifications are sent via email and/or text.
The reports are published in PDF format; clients are encouraged to download and save them locally. However, nDiscovery reports are archived and available as long as the subscription is active.
Examiners, Auditors and Risk Managers consistently praise nDiscovery. They rely on it for assurance that an organization's logs are expertly analyzed on a scheduled basis, providing an audit trail that documents when and by whom the nDiscovery reports are read as well as insight into how the organization responds to identified issues.
nDiscovery is a cost-effective solution, guaranteed! In fact, by eliminating the need to invest in hardware, software and dedicated resources, nDiscovery can actually save your organization thousands of dollars.
nDiscovery is a subscription-based service. Subscription fees are determined by type of device and either the total number of devices or number of log events per day. There are no up-front costs or long-term contracts, and billing is quarterly.
Our most comprehensive and cost-effective subscription program is the nDiscovery Enterprise License, which provides unlimited licensing for all supported network devices for one flat monthly fee. Firewalls and
Windows Servers must be licensed to be eligible for Enterprise.
Request an interactive demonstration of nDiscovery to experience the power of the service first-hand.