Security Advisor (SA) is a new breed of Real-Time Enterprise Security Management (RTESM) system, designed specifically to address the need for proactive real-time multi-vendor security. Security Advisor collates and normalises security events from heterogeneous devices in real-time, prioritising and alerting operators in the event of suspicious activity. SA provides users with a single, centralised view of the security status allowing organisations to manage their whole security architecture.

1. Total cross-platform security - supporting operating systems, firewalls, intrusion detection systems, routers, authentication servers and other security devices
2. Consolidated Enterprise View - collates security events from disparate systems and presents them in a single, unified console
3. Real-time attack alerting and event monitoring - reduces the time taken to identify breaches and suspicious system/network events
4. False-positive alert reduction - time-sensitive event correlation signficantly reduces false-positive alerts
5. Event correlation 'eCorrelation' - combines event data from multiple sources by applying Boolean rules to reduce false alerts and scan for distributed attacks
6. Alert dampening - reduces the amount of alert overload
7. Portability - ability to support widest range of vendor equipment, operating systems and application into a common format
8. Status Board - fully customisable
9. Enterprise scalability - handles tens of thousands of alerts simultaneously
10. Forensic reporting and data mining - ability to perform data mining on an enterprise event message repository for post-incident analysis