Supported capabilities for SIEM Collectors & Responders

​

Collectors

• Standard collectors are agent-less with the flexibility of delivering agent-based collectors if your organization requires them 

• Support continuous real-time monitoring

• Simultaneously perform continuous discovery of devices on your network

• Support for IT devices/endpoints and OT endpoints (sensors/machines)

​

Responders

• We provide agent-less responders through advanced features that will only be available with agents in the most complex distributed environments.

• Responders execute automated threat responses (auto-containment or auto-remediation) including specifically: Quarantine, Suspend Process as well as Clean and Collect Forensics (useful to help hunt for dormant stealth malware). 

​

​