Automatic Remediation
The EventTracker family offers automatic remediation capabilities that users can configure using scripting, powershell, Visual Basic, and others. Based on correlated events that meet serious or critical thresholds, or that occur after hours, EventTracker can be set to take immediate, predefined action. Dozens of predefined remedial actions include:
- Disabling non-white listed USB devices
- Terminating unrecognized executables
- Shutdown and Restart services
- Shutdown systems
- Failover cluster
- Shutdown/restart databases
- Terminate runaway process
- After Hours Policy Enforcement (you can’t be everywhere all day and night)