Log & Data Management

Armor Anywhere is used to collect logs from the security capabilities within the agent as well as from cloud native and third-party log sources. Logs ingested and analyzed by Armor are made visible both through the Armor Management Portal and via API.

Armor Anywhere Agent

Armor collects event data from Armor Anywhere's integrated security capabilities, such as the intrusion detection system, file integrity monitoring, vulnerability scanning and malware protection.

Cloud Native Sources

Armor can ingest logs from services within AWS, Azure or Google Cloud Platform. For example, in AWS, Armor can ingest logs from AWS CloudTrail, VPC Flow Logs, AWS WAF and Amazon GuardDuty.

Third-Party Sources

Armor can collect logs from third-party sources such as virtualized appliances, network devices, firewalls, endpoint detection and response tools, switches and others.

How It Works

Armor Anywhere’s security log ingestion capability, integrated in the agent, ingests logs from various sources. The logs are stored and can be correlated and analyzed against threat intelligence feeds from Armor and other third parties. Armor provides log search and analytics capabilities through the Armor Management Portal. The benefits of Armor’s log and data management add-on include:

  • Enhanced security posture through the enrichment of the overall security context of an organization’s environment.
  • Enhanced threat detection and response outcomes from additional security logs in an organization’s environment.
  • Ability to meet compliance mandates through the storing of log data for up to 13 months.

Simplify Adherence to Major Compliance Frameworks
