Tenable has released the Log Correlation Engine, version 4.2. This major release provides several significant new features and enhancements, including:
Automatic Asset Discovery
Assets are detected and identified through inspection of log files. Logs from systems including DNS and DHCP servers, firewalls, and web filters will include information on all devices actively communicating on the network. LCE 4.2 uses this information to deliver complete asset discovery.
User Account Enumeration
User accounts are continuously discovered through log analysis and are identified for audit and reporting.
Vulnerability and Service Detection
LCE analyzes log data to passively detect and identify a variety of vulnerabilities. LCE 4.2 also detects running applications and services to provide additional data for software inventory and identification. (This feature also requires SecurityCenter 220.127.116.11).
Advanced Network Profiling
LCE 4.2 continually builds a detailed profile of the network as logs are processed to provide additional contextual data for analysis and reporting on security and compliance. (This feature also requires SecurityCenter 18.104.22.168).
A powerful set of features supporting high availability requirements has been added, including the ability to create a redundant remote copy of a system, advanced load balancing, and automated capabilities for failover and recovery.
LCE 4.2 software, release notes, and documentation (including a new High Availability Large Scale Deployment Guide) are all available for download from the Tenable Support Portal.