Documentation for Threat Monitor

Threat Monitor 1.0 Release Notes

Release date: August 6, 2018

These release notes describe the features in Threat Monitor (TM) 1.0.

New features and improvements in TM

Automated threat detection

Threat Monitor detects threats across your on-premises and hosted data centers, as well as public cloud environments such as Azure or Amazon Web Services (AWS), and software as a service (SaaS) applications such as Office 365. In addition, it automatically discovers network assets. It supports all log and event types, which it stores and correlates to provide full-text search across trillions of events in split seconds. It determines whether servers are friendly or malicious and provides maximized security visibility across your hybrid environment.

Continuously updated threat intelligence

Threat Monitor includes built-in, continuously updated threat intelligence to keep you up to date and aware of new, emerging, and evolving threats as they materialize in the wild. SolarWinds security experts curate and update this threat intelligence daily so that you can focus your efforts on responding to threats instead of having to learn about them.

Built-in intrusion detection

Threat Monitor includes a built-in network intrusion detection system (NIDS) that can be quickly and easily connected to your network via the Collector to monitor your network traffic, looking for malicious or suspicious activity. Updated network signatures are provided daily via the continuously updated threat intelligence feed to keep your Threat Monitor deployment up to date on the latest threats. When malicious activity is detected, you are notified via an alarm in your Threat Monitor alarm console.

Host log collection

Threat Monitor includes an agent that you can deploy to your Windows and Linux-based endpoints to collect log data and send it to Threat Monitor for normalization, correlation, and threat detection.

Scalable deployment

Threat Monitor's hybrid cloud model allows you to deploy as many collectors as you want and start monitoring quickly, without having to plan how much RAM or CPU is required on your SIEM databases to process additional data. It can then easily scale to handle organizational growth.

Automated incident response

Threat Monitor searches and analyzes logs to assess the nature of attacks, and then initiates automated intelligent and configurable responses that remediate security incidents as soon as they arise. Highly indexed log search capabilities enable speedy post-forensic analysis.

Alerts

Customize alarms to identify important events and provide on-demand or scheduled reporting. You can also configure alerts to stop after threats have been automatically remediated.

Highly indexed log search capabilities

Rapidly search and analyze thousands of logs to understand the nature of ecosystem threats and attacks.

Compliance and reporting

Threat Monitor enables you to achieve and maintain audit compliance by providing extensive out-of-the-box compliance reporting. It features a report wizard for creating customized reports that enable you to leverage existing report templates or create custom reports to fit your business needs. In addition, you can consolidate and store logs from all of your on-premises, hosted and cloud-based devices, servers, and applications as well as use built-in archiving to ensure compliance.

Multi-tenant dashboard

A centralized dashboard provides insight into client security events.

Legal Notices

© 2020 SolarWinds Worldwide, LLC. All rights reserved.

This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.

SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks (and may be registered trademarks) of their respective companies.