InTrust enables you to securely collect, store, search and analyze massive amounts of IT data from numerous data sources, systems and devices in one place. Get real-time insights into user activity for security, compliance and operational visibility. In a single view, you can discover what resources users have access to, how that access was obtained and how it was used.
With InTrust, you’ll be able to:
Correlate disparate IT data from numerous systems and devices into an interactive search engine for fast security incident response and forensic analysis. Include user entitlements and activity, event trends, suspicious patterns and more with rich visualizations and event timelines.
Pass audits, review security incidents and reveal any malicious insider activity in less time and with more confidence. One view quickly answers tough questions including what resources users have access to, how that access was obtained and how it was used afterwards.
Start investigations into users, groups, shares, files or events and quickly pivot into other views as new details emerge for a more complete investigation.
Automate, secure and scale the collection of event logs across servers, network devices and workstations with immediate availability for analysis, security and compliance reporting.
Easily convert investigations into multiple report formats. Schedule reports and automate distribution across teams or choose from a vast library of pre-defined best practice reports with built-in event log expertise.
Create a cached location on each remote server where logs can be duplicated as they are created, preventing a rogue user or administrator from tampering with the audit log evidence.
Archive and conduct full-text search on long-term event log data for compliance and security purposes in a highly compressed and indexed online repository, saving storage costs and time spent searching for events.
Run smart searches on auditing data from Enterprise Reporter and Change Auditor to improve security, compliance and operations while eliminating information silos from other tools.
Get real-time alert notifications about unauthorized or suspicious user activity sent directly to you via email or to third-party monitoring applications such as Microsoft System Center Operations Manager (SCOM).
Forward all log data collected from Windows servers and network devices to a security information and event management (SIEM) solution of your choice. Use customizable event output formats to integrate seamlessly with a wide variety of SIEM solutions.
Get a unified view into event log data from Windows, Unix/Linux, network devices, custom text logs and more. Make sense of log events by leveraging their simplified and normalized representation of Who, What, When, Where and Workstation.