Key new features are said to include out-of-the-box correlation tools, Web-based update services, advanced incident management functions and customisable workspaces designed for specific tasks such as comparing an organisation's security posture and vulnerabilities against the standards set by the SANS Institute.
Advanced bi-directional integration with network and systems management solutions, such as Computer Associates' Unicenter NSM, also aims to enable IT security teams to leverage data from those solutions, so as to more effectively detect and respond to a full range of threats.
According to the company, eTrust Security Command Center monitors and manages all aspects of enterprise security, from threat discovery through resolution, in real time.
It aims to provide a centralised command-and-control centre that presents security data in an intuitive graphical interface that enables IT security teams to quickly identify and respond to events and vulnerabilities, based on their urgency and potential business impact.
Comments Karel Rode (CISSP), security sales executive at Computer Associates Africa: In the event of a security breach, the investigation team looks at the system events and logs of the affected systems; however, often these logs are not archived properly. Moreover, these logs do not allow the team to continuously improve a company's security posture.
eTrust Security Command Center r8's Audit feature, for example, allows companies to collect events from a wide range of industry-standard operating systems, applications and appliances. And, once data is reduced according to a policy, as defined on the SCC machine, data correlation can commence. Also, data sets from various systems can be compared, again according to a central policy, ensuring that areas of commonality for an attack threat can be found, with appropriate actions from the responsible team members.
Rules-based correlation
eTrust Security Command Center r8 is designed to use rules-based correlation to zero in on root cause issues that underlie security events. Its out-of-the-box event correlation tools are said to include:
*Rules library with more than 100 default policies for fast threat analysis;
*Automatic policy updates via the Web; and
*Rule templates and wizards that facilitate creation of customised rules.
Keeping up with CA's Enterprise Infrastructure Management strategy, eTrust Security Command Center aims to enable IT organisations to manage security in a common manner with other infrastructure, application and data management processes, such as those running under CA's Unicenter Network and Systems Management (Unicenter NSM).
This integrated approach reduces technology ownership costs and enables security policies to be extended across functional areas, for example in using data about network traffic anomalies to better identify the nature of a security event, CA adds.
Additionally, eTrust Security Command Center r8 aims to add value by providing companies with updates of correlation rule templates, workspaces and agents via the Web. These updates are tested and validated to ensure their effectiveness, CA concludes.