Tenable Event Correlation
Correlation is essential in extracting context and intelligence from the reams of network event data available to security professionals. Tenable Network Security’s Log Correlation Engine (LCE) product offers multiple event correlation techniques to detect abuse, anomalies, compromise, and compliance violations.
This paper outlines the various types of event correlation provided by LCE, what information is leveraged by correlation engines, and how these capabilities can be leveraged to monitor both security and compliance on enterprise networks. The paper provides both high-level overviews as well as detailed descriptions of all LCE correlation engines.