Infocenter 5.1 is developed on RWEST algorithm to correlate events.
OpenService, a provider of log and IT risk management systems, has announced a new risk-based security metrics reporting system to help corporations monitor their IT risk trends and determine the effectiveness of their security controls. Available in the new release of its software product, InfoCenter 5.1, this system was beta tested and first deployed on IBM BladeCenter servers.
According to OpenService, InfoCenter 5.1 measures risk automatically by analyzing events reported by security and network devices, operating systems, databases and applications. The risk level of each event is scored as a function of threat, vulnerability, and asset value – an industry standard approach for calculating risk.
The company said that the algorithm it developed, called Risk-Weighted Event Scoring and Thresholding (RWEST), scores and correlates events from a wide range of servers, devices and applications and, based on this, supports the visualization and trending of risk over time and across departments as well as real-time alerting.
RWEST is expected to help reduce IT risk by enabling security analysts to quickly pinpoint and address the highest risk situations thus improving operational effectiveness.
Mike Schmitt, CEO of OpenService, said: The reason that risk-based security metrics are so important is that it is impossible to manage what you can’t measure. RWEST makes it possible to precisely and consistently measure security risk, not unlike how a credit score precisely measures creditworthiness. It provides management with an objective, repeatable, transparent process that is crucial to guiding security decisions and strategy. We are particularly pleased to have IBM as a customer and beta test system. Their input was very useful in shaping the final product.