Log Correlation Engine 4.2 Released
Tenable has released the Log Correlation Engine, version 4.2. This major release provides several significant new features and enhancements, including:
Automatic Asset Discovery
Assets are detected and identified through inspection of log files. Logs from systems including DNS and DHCP servers, firewalls, and web filters will include information on all devices actively communicating on the network. LCE 4.2 uses this information to deliver complete asset discovery.
User Account Enumeration
User accounts are continuously discovered through log analysis and are identified for audit and reporting.
Vulnerability and Service Detection
LCE analyzes log data to passively detect and identify a variety of vulnerabilities. LCE 4.2 also detects running applications and services to provide additional data for software inventory and identification. (This feature also requires SecurityCenter 4.6.2.2).
Advanced Network Profiling
LCE 4.2 continually builds a detailed profile of the network as logs are processed to provide additional contextual data for analysis and reporting on security and compliance. (This feature also requires SecurityCenter 4.6.2.2).
High Availability
A powerful set of features supporting high availability requirements has been added, including the ability to create a redundant remote copy of a system, advanced load balancing, and automated capabilities for failover and recovery.
LCE 4.2 software, release notes, and documentation (including a new High Availability Large Scale Deployment Guide) are all available for download from the Tenable Support Portal.
Related Articles
Cybersecurity Snapshot: Guide Unpacks Event-Logging Best Practices, as FAA Proposes Stronger Cyber Rules for Airplanes
August 23, 2024Looking to sharpen your team’s event logging and threat detection? A new guide offers plenty of best practices. Plus, the FAA wants airplanes to be more resilient to cyberattacks. Meanwhile, check out the critical vulnerabilities Tenable discovered in two Microsoft AI products. And get the latest on ransomware trends, vulnerability management practices and election security!
Taking IBM QRadar SIEM One Step Further Using Tenable.ad
September 30, 2021If you can't continuously monitor Active Directory, it's impossible to achieve full visibility into your evolving attack surface. Here's how combining Tenable.ad with IBM QRadar can help. It's no sec...
Recap: Geeking Out II with Marcus
April 15, 2013Ron and I spent most of the webcast rotating around the theme of detection algorithms: how do you determine what is normal and what is not? We started off with one of my favorite questions, "Are there...
Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security
November 1, 2024Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.
FY 2024 State and Local Cybersecurity Grant Program Adds CISA KEV as a Performance Measure
October 31, 2024The CISA Known Exploited Vulnerabilities (KEV) catalog and enhanced logging guidelines are among the new measurement tools added for the 2024 State and Local Cybersecurity Grant Program.
Cybersecurity Snapshot: New Guides Offer Best Practices for Preventing Shadow AI and for Deploying Secure Software Updates
October 25, 2024Looking for help with shadow AI? Want to boost your software updates’ safety? New publications offer valuable tips. Plus, learn why GenAI and data security have become top drivers of cyber strategies. And get the latest on the top “no-nos” for software security; the EU’s new cyber law; and CISOs’ communications with boards.
- Event Monitoring
- Log Analysis
- SecurityCenter