SIEM Collectors & Responders
Supported capabilities for SIEM Collectors & Responders

Collectors
- Standard collectors are agent-less, with the flexibility of delivering agent-based collectors if your organization requires them
- Support continuous real-time monitoring
- Simultaneously perform continuous discovery of devices on your network
- Support for IT devices/endpoints and OT endpoints (sensors/machines)

Responders
- We provide agent-less responders, though advanced features will only be available with agents in the most complex distributed environments.
- Responders execute automated threat responses (auto-containment or auto-remediation), specifically: Quarantine, Suspend Process, as well as Clean and Collect Forensics (useful to help hunt for dormant stealth malware).