Video | Business Headlines | Internet | Science | Scientific Ethics | Technology | Search


Symantec Releases Incident Manager 2.0

News Release


Symantec Releases Incident Manager 2.0

A Key Component of the Symantec Security Management System,

Symantec Incident Manager Provides Automatic, Real-Time Correlation

for Superior Protection

Symantec Corp. (NASDAQ: SYMC), the world leader in Internet security, today announced the release of Symantec Incident Manager 2.0. Symantec Incident Manager uses automated correlation to identify and prioritise security issues and then coordinates resolution of those issues, allowing enterprises to proactively secure their network against known threats and respond to new attacks in real time.

“With today’s organisations becoming more global, connected and dynamic in nature, the practice of security management has never been more complex,” says Richard Batchelar, Country Manager for Symantec New Zealand. “Symantec Incident Manager helps companies take real steps to manage information security risks.”

Enterprise security management can be complicated, often delivered through the combination of commercial products from different vendors that lack integration and interoperability. These products generate a tremendous amount of data- in some cases, millions of messages or “events” each month. Most events are the result of normal activity. However, messages reporting real malicious activity often get lost in all of the data.

Taken individually, it can be difficult to determine if an event requires action. Single events don’t have enough information, so grouping related events together into incidents helps administrators understand the nature and scope of an attack or unwanted activity. An incident is a set of events or conditions that requires a response and closure in order to restore an appropriate risk profile. The challenge is sorting through the millions of events to find incidents in time to take action.

Symantec Incident Manager correlates security events from disparate security products and across protection technologies, including antivirus, firewall and intrusion detection to identify incidents in real time, and coordinates response actions throughout the entire incident lifecycle.

In addition to automatic, real-time correlation, Symantec Incident Manager also offers business impact analysis using a sophisticated risk analysis engine that determines the impact of each incident on a customer’s business in terms of confidentiality, integrity and availability. Customers can tailor the system with specific risk profiles for each part of their business to ensure the business impact analysis is uniquely relevant to their individual needs. The risk analysis engine also determines which incidents are urgent and presents a prioritised, actionable list. Incident priority is determined and updated in real time to reflect the most current state of an incident, allowing staff to focus resources on resolving the most critical incidents first.

Symantec Incident Manager helps administrators understand important characteristics of each incident by displaying links between event signatures and safeguards. It also provides dynamic guidance, assessing the nature of each incident and providing specific instructions that guide the administrator through the resolution process. Guidance is based on the SANS incident handling best-practices framework.

Symantec Incident Manager includes expert security content, produced by Symantec Security Response, which provides correlation rules and conclusions, and action recommendations to guide staff as they identify and resolve incidents.

Finally, Symantec Incident Manager integrates with the new Symantec Vulnerability Assessment 1.0 to correlate attacks to vulnerabilities, reducing false positives since administrators can readily focus on the systems that are most vulnerable to each attack.

The Symantec Security Management System

Symantec Incident Manager is a key component of the Symantec Security Management System, which is comprised of multiple components that can be purchased and deployed separately, but also integrate with one another to provide the right set of security management applications unique to individual business objectives. Other key components of the Symantec Security Management System are Symantec Event Managers and Symantec Enterprise Security Manager (ESM).

Symantec Event Managers

Symantec Event Managers provide enterprise customers with logging, alerting and reporting for a specific area of protection, such as antivirus, firewall and intrusion detection. Symantec Event Manager for Anti-Virus, Symantec Event Manager for Firewall and Symantec Event Manager for Intrusion Detection (IDS) consolidate data from Symantec’s protection solutions to provide the customer with a complete view of virus, firewall and IDS events. Using Symantec Event Collectors, customers can also collect data from third-party vendor security products. The following Symantec Event Collectors are currently available: Symantec Event Collector for Network Associates ePO and VirusScan, Symantec Event Collector for Trend Micro Gateway and Groupware, Symantec Event Collector for Check Point VPN-1/Firewall-1, and Symantec Event Collector for ISS RealSecure.

Symantec is also working with third-party vendors to create collectors through the Symantec Technology Partner Program, which was formally announced in March 2003. Top Layer Networks and VIGILANTe are among the early adopters of Symantec’s integration technologies. Further information on joining the Technology Partner Program or current certified partners can be found at

Symantec ESM

Symantec ESM, an industry-leading security policy compliance solution, can be integrated with Symantec Incident Manager to track the resolution of identified policy non-compliance incidents to closure, giving enterprise customers a more comprehensive approach to security management. As a stand-alone security application, Symantec ESM enables enterprises to create customized security policies and manage policy compliance in mission critical business applications and servers across a heterogeneous enterprise from a single location.


Symantec Incident Manager is available through select Symantec value-added systems integrators and certified partners. The other components of the Symantec Security Management System are currently available through Symantec’s worldwide network of value-added authorised resellers, distributors and systems integrators. Organisations can be connected with Symantec resellers or distributors in their areas by visiting the Symantec Solution Provider locator at

Symantec Consulting Services

Symantec Consulting Services provides assistance with planning, installing and deploying Symantec Incident Manager 2.0. For more information about Symantec Consulting Services, please visit

About Symantec

Symantec, the world leader in Internet security technology, provides a broad range of content and network security software and appliance solutions to individuals, enterprises and service providers. The company is a leading provider of client, gateway and server security solutions for virus protection, firewall and virtual private network, vulnerability management, intrusion detection, Internet content and e-mail filtering, remote management technologies and security services to enterprises and service providers around the world. Symantec’s Norton brand of consumer security products is a leader in worldwide retail sales and industry awards. Headquartered in Cupertino, Calif., Symantec has worldwide operations in 38 countries. For more information, please visit

© Scoop Media

Business Headlines | Sci-Tech Headlines


I Sing The Highway Electric: Charge Net NZ To Connect New Zealand

BMW is turning Middle Earth electric after today announcing a substantial contribution to the charging network Charge Net NZ. This landmark partnership will enable Kiwis to drive their electric vehicles (EVs) right across New Zealand through the installation of a fast charging highway stretching from Kaitaia to Invercargill. More>>


Watch This Space: Mahia Rocket Lab Launch Site Officially Opened

Economic Development Minster Steven Joyce today opened New Zealand’s first orbital launch site, Rocket Lab Launch Complex 1, on the Mahia Peninsula on the North Island’s east coast. More>>


Marketing Rocks!
Ig Nobel Award Winners Assess The Personality Of Rocks

A Massey University marketing lecturer has received the 2016 Ig Nobel Prize for economics for a research project that asked university students to describe the “brand personalities” of three rocks. More>>


Nurofen Promotion: Reckitt Benckiser To Plead Guilty To Misleading Ads

Reckitt Benckiser (New Zealand) intends to plead guilty to charges of misleading consumers over the way it promoted a range of Nurofen products, the Commerce Commission says. More>>


Half A Billion Accounts, Including Xtra: Yahoo Confirms Huge Data Breach

The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. More>>


Rural Branches: Westpac To Close 19 Branches, ANZ Looks At 7

Westpac confirms it will close nineteen branches across the country; ANZ closes its Ngaruawahia branch and is consulting on plans to close six more branches; The bank workers union says many of its members are nervous about their futures and asking ... More>>

Interest Rates: RBNZ's Wheeler Keeps OCR At 2%

Reserve Bank governor Graeme Wheeler kept the official cash rate at 2 percent and said more easing will be needed to get inflation back within the target band. More>>


Get More From Scoop

Search Scoop  
Powered by Vodafone
NZ independent news