Analysis and Classification of Mitigation Tools against Cyberattacks in COVID-19 Era

The COVID-19 outbreak has forced businesses to shift to an unprecedented “work from home” company environment. While this provides advantages for employees and businesses, it also leads to a multitude of shortcomings, most prevalent of which is the emergence of additional security risks. Previous to the outbreak, company computer networks were mainly conﬁned within its facilities. The pandemic has now caused this network to “spread thin,” as the majority of employees work remotely. This has opened up a variety of new vulnerabilities, as workers’ cyber protection is not the same at home as it is in oﬃce. Although the eﬀects of the virus are now subsiding, working remotely has embedded itself as the new normal. Thus, it is imperative for company management to take the necessary steps to ensure business continuity and be prepared to deal with an increased number of cyber threats. In our research, we provide a detailed classiﬁcation for a group of tools which will facilitate risk mitigation and prevention. We also provide a selection of automated tools such as vulnerability scanners, monitoring and logging tools, and antivirus software. We outline each tool using tables, to show useful information such as advantages, disadvantages, scalability, cost, and other characteristics. Additionally, we implement decision trees for each category of tools, in an attempt to assist in navigating the large amount of information presented in this paper. Our objective is to provide a multifaceted taxonomy and analysis of mitigation tools, which will support companies in their endeavor to protect their computer networks. Our contribution can also help companies to have some type of cyber threat intelligence so as to put themselves one step ahead of cyber criminals.


Introduction
Within the context of computers and computer networks, an attack is any plan to expose, alter, disable, destroy, steal, or gain unauthorized access.A cyberattack is any sort of offensive maneuver that targets computer information systems, infrastructures, computer networks, or PC devices [1].An attacker may be a person or process that attempts to access data, functions, or other restricted areas of the system without authorization, potentially with malicious intent.In terms of context, cyberattacks are often a part of cyberwarfare or cyberterrorism [2].A cyberattack is often employed by nation-states, individuals, groups, society, or organizations and it may originate from an anonymous source.
Cyberattacks became increasingly sophisticated and menacing in the COVID-19 era.e coronavirus pandemic has challenged businesses, as they attempt to adapt to an operational and functional model which is heavily based on teleworking (working from home or other remote locations).Forcing companies to shift to a mainly digital business model has opened them up to multiple new cybersecurity risks.
e reputational operational, legal, and compliance implications could be considerable if cybersecurity risks are neglected.e impact of COVID-19 on cyber risk is too high and mitigation measures, which businesses can implement, must be effective [3].e year 2020 will be marked as a distinctively disruptive year, not only for the worldwide health crisis but also for the online life being digitally transformed, as exponential change accelerated at home and work via cyberspace [4].
A recent study held by Tanium underlined that there was a significant rise in cyberattacks due to the pandemic and that the transition to remote work led to a delay in key security projects [5].According to ENISA [6], during the pandemic, cybercriminals have been seen fostering their capabilities, adapting quickly, and targeting relevant victim groups more effectively (Figure 1).e increase in remote working requires expertise in cybersecurity, due to the greater exposure to cyber risk.Reports have shown that almost one in every two individuals are deceived by a phishing scam while working at home [3].Moreover, in most cases, an attack spreads from an infected user to other employees in their organizations and half of them have been affected by ransomware within the past 12 months [7].
In this research, we will introduce a mitigation analysis of obtainable tools, which will support technical security policies.Related work is presented in section "Related Work." e main contribution of our paper is in section "Mitigation Tools Analysis and Classification" where tools are analyzed and classified in several ways.We are going to present an inventory of automated mitigation tools like vulnerability scanners, monitoring and logging tools, and antivirus software.ere will be a quick outline for each tool and table, which will provide useful information such as strong and weak points, cost, and scalability.Finally, section "Conclusions" concludes with the analysis of the classification results.

Related Work
In an attempt to cope with the exponential rise in cyber threats, due to COVID-19, we are motivated to contribute to the research regarding cyberattack mitigation tools.Snell [8] cites utilities from specific security vendors that seek out unauthorized activity but allow safe transmissions onto the network.As described by Alzahrani et al. [9], security tools are used to scan for these widespread vulnerabilities in web applications.Moreover, their paper evaluates them based on security vulnerabilities and gives recommendations to the web applications' users and administrators aiming to educate them.e objective of Bekavac and Garbin Praničević [10] is to compare and analyze the impact of web analytics tools for measuring the performance of a business model.A summary of web analytics and metrics tools is also given, including their main characteristics, functionalities, and available types.Turuvekere and Pandit [11] focus on various attacks that are possible on a web application and compare various penetration testing tools.Naga Sudheer et al. [12] discuss the features of automated and manual testing as well as analyzing three automated software testing tools: Selenium, UFT/QTP, and Watir.
is work highlights the differences between automated and manual testing.
e aim of Kaur and Kumari [13] research paper is to evaluate three software testing tools to determine their usability and effectiveness.Kołtun and Pańczyk [14] help users choose the right tool, by comparing the following: Apache JMeter, LoadNinja, and Gatling.e research indicates the most important advantages and disadvantages of the selected tools.
In contrast to the aforementioned literature, our research will present a great range of IT Security tools with an extensive analysis and classification with specific criteria for the purpose of assisting users and organizations to fortify their systems.

Scope of Our Work.
e purpose of our publication is to assist in the increased treatment of computer security attack incidents through the categorization of the mitigation tools we have done.Surely, COVID-19 has played an important role in the increasing activity of malware since attackers can find a wider field to act on.As a major part of our work revolves around presenting a multitude of products and tools regarding vulnerability scanning, monitoring and logging, and AV Software, it was imperative to draw information from the most immediate source available.us, we extracted information from product websites and technical documents.
Τhe work we have done can help organizations and companies effectively and efficiently protect their assets.It is critical for an organization to have a fast and effective means of responding, whenever any kind of computer security attack occurs on it or an intrusion is recognized [15].For example, our classification can be a tool for Computer Security Incident Response Teams (CSIRTs).ENISA [16] points out how important the role of CSIRT is in dealing with security breach incidents at a national and international level.As we know the goal of the CSIRT [15]-when an incident occurs-is to control and minimize any damage, preserve evidence, provide quick and efficient recovery, prevent similar events in the future, and acquire knowledge of threats against the organization.e results and findings of mitigation tools can help significantly in dealing with similar incidents in the future.CSIRTs concentrate on the coordination of incident handling, thereby eliminating duplication of effort.eir focus is to mitigate the potentially serious effects of a severe computer security-related problem.To achieve this goal, they concentrate their efforts on the capability to react to incidents and the resources to alert and inform its constituency, as well [17].
A best-case scenario is vulnerabilities scanner results to be shared between CSIRT for improved threat intelligence.Businesses need to support their computer security capabilities before they suffer from serious computer security problems that can harm their mission, result in significant expense, and tarnish their image [17].e wide range of tools we suggest in our research can help significantly in this type of group.A CSIRT should also provide true business intelligence to its parent organization by virtue of the following [18]: Information collected regarding various current and potential threats and attacks which threaten the enterprise 2 Security and Communication Networks Knowledge of general intruder attacks, trends, and corresponding mitigation strategies Infrastructure and policy weakness and strength comprehension: this information is based on incident postmortems e CSIRT Network [19] provides a forum where members can cooperate, exchange information, and build trust.Members are able to discuss how to respond in a coordinated manner to specific incidents and how to handle cross-border incidents.Computer security incidents require fast and effective responses from the organizations concerned.CSIRT are responsible for receiving and reviewing incident reports and responding to them appropriately [20].Monitoring and logging tools that have been analyzed in our survey can actually help in this direction.Additionally, threat intelligence gives organizations an edge to stay one step ahead of attackers but the threat intelligence must be relevant and coupled with the right context [21].
Analysis and classification of mitigation tools that are presented in this paper can improve threat intelligence.We mention the following benefits [22]: Valuable insight and context: providing details on which risks are most likely to damage a company or industry, as well as indicators to help prevent and identify future attacks Improved incident response times: prioritizing alerts allows an organization to respond faster to real threats and reduces the likelihood of significant consequences from a breach Improved communication, planning, and investment: security teams can communicate real risks to the business and focus on defending high-risk targets from genuine threats by investing in and preparing more security To create threat intelligence customized to information systems, CSIRTs need to collect data internally.External Security and Communication Networks sources should be monitored for threat data related to any components or tools used.Tools can be utilized, which can automatically return relevant information that can provide additional context for your analyses [23].erefore, it is important to choose appropriate tools that will assist in the successful treatment of attacks.
Figure 2 [24] shows an indicative workflow of an incident management team.CSIRT should follow the steps while having the correct information.Our paper offers the guidelines through analysis and classification to choose the proper tools for doing this procedure.

Mitigation Tools Analysis and Classification.
In this section, we present the main contribution of our paper, where mitigation tools are analyzed and classified in several ways.We aim to facilitate stakeholders to understand which tools better fit their needs.In section "Vulnerability Scanners Analysis," we analyze 25 vulnerability scanners, while in section "Classification of Vulnerability Scanners," we classify them based on 10 specific criteria.In sections "Monitoring and Logging Tools Analysis" and "Classification of Monitoring and Logging Tools," we analyze and categorize 25 monitoring and logging tools based on 8 criteria.In section "Antivirus Software Classification," we classify 14 antivirus software tools according to 9 criteria.Additionally, we implement three decisions trees for each category of tools we examined.e purpose of this paper is to give a roadmap for stakeholders (CSIRT, CISO, IT professionals, simple users, etc.), choosing the appropriate tool.[25] is a program designed to assess computers, networks, or applications for better-known flaws.

Vulnerability Scanners Analysis. A vulnerability scanner
ey are used for vulnerability identification and detection arising from misconfigurations or imperfect programming of a networkbased quality.eir function is similar to a firewall, router, web or application server, and so on.Modern vulnerability scanners provide authenticated and unauthenticated scans.
ey also usually have the ability to customize vulnerability reports as well as the installed software, open ports, certificates, and other host data which will be queried as a part of their workflow.A number of them are briefly presented as follows: (1) Acunetix: it [26] 1).e tools are classified according to the following criteria: (i) strengths, (ii) weaknesses, (iii) free trial, (iv) cost/price, (v) scalability, (vi) technical support, (vii) vulnerability assessment, (viii) reports and analytics, (ix) ease of use, GUI offered, and (x) compatibility.e next part of the section includes the proposed decision tree.
Results showed that the majority of vulnerability scanners that we examined are easy to use and offer technical support, scalability, vulnerability assessment, reports, and analytics.Windows is the main operating system they support, although an adequate number of them can support most platforms.In addition, users can find free trial editions in every tool we tested, whereas only Arachni, Nikto, OpenVas, Retina CS, and Secunia, MBSA are open-source tools.
e corresponding decision tree is depicted in Figure 3.

Monitoring and Logging Tools Analysis
Monitoring and logging tools are types of software that oversee activity and generates log files accordingly.Log files can be created by servers, application, network, and security devices.Errors, problems, and other data are continually logged and saved for analysis.In order to detect issues mechanically, system administrators, and operations, set up monitors on the generated logs.e log monitors scan the log files and explore for identified text patterns and rules that indicate necessary events.Once an event is detected, the monitoring system can send an alert, either to a specified individual or to a different software/hardware system.Monitoring logs facilitate to spot security events that occurred or may occur.A number of them will be presented as follows: (1) Solarwinds Network Performance Monitor (NPM): Solarwinds [51] is a Windows-based tool, even though it can monitor lots of devices.A web interface provides information about the devices being monitored and helps do the configuration.Alerting and reporting are some of its features as well.Regarding general infrastructure monitoring, Solarwinds NPM fulfills that role in the Solarwinds Orion suite of tools since it provides information like availability, health status (temperature, power supply, etc.), and performance indicators (e.g., interface utilization).(2) Solarwinds Server and Application Monitor: Solarwinds SAM [52] provides deep insight into servers and applications.e tool comes with monitoring templates, customized to monitor custom applications, so as to help get setup quickly.6 Security and Communication Networks e tool mitigates the issue having interpreted problems first and initiates then an automatic predefined action.Another feature is that it permits remote control, remote support, remote access, even remote meetings, by extending the ConnectWise suite.In addition, the "Patch Management" allows protection of all systems with simultaneous patching from a centralized manager.( 16) Logic Monitor: it [66]  Logstash is a server-side data processing pipeline that collects data from multiple sources at the same time, transforms it, and then sends it to Elasticsearch.Kibana helps users to visualize data with charts and graphs in Elasticsearch [75].Lately, the addition of Beats turned the stack into a four-legged project.
ese different components are used together for monitoring, troubleshooting, and securing IT environments (though there are many more use cases for the ELK Stack, such as business intelligence and web analytics) [76].For many organizations, the ELK Stack is an open-source alternative to other SIEM (security information and event management) systems [77].A can benefit from ELK stack because of the combination of tools that it uses.Also, ELK stack can be used for vulnerability management [78].

Classification of Monitoring and Logging Tools.
In Table 2, the examined tools have been classified based on the following parameters: (i) strengths, (ii) weaknesses, (iii) free trial available, (iv) cost/price, (v) scalability, (vi) technical support, (vii) reports and analytics, and (viii) ease of use, GUI offered.At the end of this section, we present the corresponding decision tree.
From the monitoring and logging tools we examined, all have free trial versions and the vast majority of them are easy to use and offer scalability, technical support, report, and analytics.Moreover, many of them like Zabbix, LibreNMS, Spiceworks, Snort, Netwrix Event Log Manager, and Splunk are open-source network systems.
e decision tree is depicted in Figure 4.

Antivirus Software Classification.
Commonly, malicious software is blocked by antivirus materials through the identification of code signatures distinctive to different kinds of malware.Once the applications encounter a file with a code string that matches one in their database for an already known virus, they block its access to the intended victim's computer [79].
In the fight between attackers and security researchers, the former endeavor is to break any defense mechanism by masquerading, social engineering, or by impeding antivirus software from detecting, so that they can settle on as many computers as possible and their malware can lay in the hosts for as long as possible.Installing antivirus software is often the foremost way for a user to secure his computer [80].
According to the information mentioned above, it is vital to install antivirus software.Below, there is helpful data regarding each antivirus software, which are classified using the following nine criteria: (i) strengths, (ii) weaknesses, (iii) price, (iv) on-demand malware scan, (v) on-access malware scan, (vi) website rating, (vii) malicious URL blocking, (viii) phishing protection, and (ix) behavior-based detection and the results are listed in Table 3.At the end, we present the decision tree for this category of tools.
It appears that only a few antivirus software tools are totally free of cost and these tools are Bitdefender Free Edition, Avast, Avira, and Sophos.We can also distinguish that the examined antivirus tools that meet all criteria we posed are McAfee, Symantec Norton, Webroot Secure-Anywhere, Kaspersky, Trend Micro, and Bitdefender Antivirus Plus. Figure 5 depicts the decision tree.

e COVID-19 Era and Factor.
In March 2020, the coronavirus was pronounced by WHO as a global pandemic.Until today (July 2021), the COVID-19 crisis has made prevention an urgent need and the lessons that humanity has learned are, hopefully, enough to highlight the serious role of IT security and privacy.e dramatic experience of COVID-19 in several countries, e.g., Brazil, India, Italy, Spain, and USA, to name a few, has outlined the importance of effective cybersecurity due to numerous successful cyberattacks.
ere is no surprise that, during the pandemic, more sophisticated intrusion methods were detected and reported.
Organizations must take additional steps to achieve security requirements by implementing stronger defenses and better practices.
is entails applying a collection of security solutions to prevent any attraction from threat factors, as noticed during the COVID-19 pandemic and the crisis that followed.Sophisticated and highly organized cybercriminals target organizations showing every day how vulnerable the systems are.For example, health organizations have become a prime target because advanced persistent threats (APT) try to obtain information for domestic research into COVID-19-related medicine [94].Additionally, attackers take advantage of collective fear to perform phishing campaigns using coronavirus as a trap [95].reat actors like hackers and state-backed attackers have been using an APT technique to gain a foothold on victim machines and launch several types of malware attacks.In 2020, e-mail phishing attacks were more than 600% since the end of February 2020 [96].And the situation keeps getting more difficult, so there is a need of keeping one step ahead from all these intruders.
As there is no one-size-fits-all security solution, it is not feasible to address every cybersecurity challenge with a single method/technology/solution because every particular system faces different threats, different vulnerabilities, and different risk tolerances.No matter how much we shield a system, human errors and weaknesses will always be a threat.Unpredictable situations, such as the COVID-19 crisis, will create new challenges.ere is an urgent need 12 Security and Communication Networks   Security and Communication Networks  Security and Communication Networks to make protection and security measures much stronger and more effective as the risks and threats have increased.
In essence, the goal of security measures is to reduce the risk of cyberattacks and data breaches.In the context of this work, we intend to propose a series of tools to ΙΤ professional or ordinary users from preventing malicious actions.e COVID-19 situation also triggered a profound change.e crisis has resulted in the increase of various remote activities such as teleworking, remote governance, e-education, and e-commerce.Nevertheless, security and privacy management on these activities have not evolved in terms of user's awareness and cyberspace knowledge.Also, most of the security and privacy technologies available nowadays have been developed to protect the assets of systems and networks.ere is a question if security solutions rise to the challenge, or there is a need to approach the problem differently [97].
Google's specialized team for threat analysis (Google's reat Analysis Group, TAG) that works to identify new vulnerabilities and threats for its products detected 18 m malware and phishing Gmail messages, and more than 240 m spam messages related to COVID-19 daily [98].Particularly, the TAG reported that over a dozen statebacked threat actors used COVID-19 themes as bait for phishing through emails.For example, TAG discovered a campaign that targets personal accounts of US government employees using American fast-food franchises and messages that offered free meals and coupons in response to COVID-19.By clicking on the emails, it presented phishing pages designed to trick users into providing their Google account credentials.Also, TAG found that several threat actors tried to fake users by impersonating health organizations.For example, TAG found an activity, with emails linked to a domain spoofing the World Health Organization's (WHO) login page.A similar attack was reported on MS Office 365 platform [99].
An INTERPOL impact assessment [100] related to cybercrime due to COVID-19 has shown a noticeable shift in focus, from independent personal computers or businesses to a major corporation or government networks and critical infrastructures.Criminals are taking advantage of the fact that organizations and businesses have rapidly deployed remote systems and networks to support staff working from home and the increase in security vulnerabilities, so as to steal data, generate profits, and cause disruption.
Based on the comprehensive analysis of data received from member countries and private partners, a list of cyber threats have been identified as "significant," in relation to the COVID-19 pandemic (Figure 6) [101].
As organizations of all sizes respond to the COVID-19 pandemic by allowing large numbers of employees to work from home, cybersecurity leaders face a sudden expansion of the attack surface.e remote work model, whether used temporarily in emergency situations or as a more durable solution to promote talent acquisition and business development, has also expanded its attack surface.
Managing remote workforce can be challenging because it disperses the attack surface.CISOs and sysadmins should not only pay attention to company-controlled assets, but they should also pay attention to the additional risks posed by employee personal devices that are not managed or protected by security measures from the company [102,103].

Conclusions
e threat landscape has changed dramatically and new threats have arisen, due to COVID-19. is pandemic that has erupted recently has increased the number of cyberattacks worldwide.us, the need for security awareness and shielding of applications and information systems is essential.
e purpose of this survey was to categorize security tools which deal with threats and vulnerabilities that arise in this new era.e rationale for implementing our research was to identify the most effective tools and present them based on specific criteria so that any interested parties can benefit.Our scope is not to suggest a specific tool, but through its analysis and presentation with the use of appropriate criteria, to help stakeholders choose the right one, that is, the one that suits better to their own information systems.
Originally, the use of IT Security tools is necessary in order to maintain sufficient security for the organization.
ese tools help the IT department correct any misconfigurations or flaws which may have occurred and made 18 Security and Communication Networks the system vulnerable to any kind of attacks.In particular, any interested party should be aware of its risks and vulnerabilities and conduct a risk assessment.Stakeholders should invest in and use the appropriate combination of these tools which best suits their situation and with the constant and simultaneous training of its employees, it will be capable of protecting its assets.Initially, we assessed a sufficient number of automated mitigation tools like vulnerability scanners, monitoring and logging tools, and antivirus software.We then classified these tools based on specific criteria.Furthermore, we implemented three decision trees for each category of tools we examined.We attempt to provide simple guidelines, in order to assist stakeholders (CSIRT, CISO, IT staff, simple users, etc.) in making an educated choice.
Results showed that most vulnerability scanners that we examined meet most criteria and the decision regarding which to use is ultimately based on strengths, weaknesses, cost, and compatibility with multiple platforms.A closer look at their shortcomings can help one avoid attacks on an information system.A combination of the tools can also provide better protection.With regard to the monitoring and logging tools, interested parties can select from a wide range of solutions.e analysis we made helps them decide that better suits their systems.Weighing the pros and cons and in conjunction with cost, scalability, technical support, and reports, our research can act as a guideline for reaching a decision.
As a supplementary measure against threats, we distinguish that, among the examined antivirus tools, the following meet all criteria we posed: McAfee, Symantec Norton, Webroot SecureAnywhere, Kaspersky, Trend Micro, and Bitdefender Antivirus Plus.Additionally, we could not detect evidence for Avira and Bitdefender Free Edition which proves that they could potentially meet all criteria.Users can also take into consideration the cost, as only a few are completely free of charge (Bitdefender Free Edition, Avast, Avira, Sophos).
Due to the mass effect of the COVID-19 pandemic on computer and computer network usage, the resulting cybersecurity landscape has grown exponentially in both size and complexity.Securing web applications, against evolving cyber threats, is a shared responsibility for all stakeholders.As a result, a collaborative cyber resilience model, which defines the appropriate cybersecurity posture for web applications, is quite important.Cyber threats and related risks will continue to increase, along with technological developments, which require our constant attention and vigilance.
To summarize, mitigation tools are the main ally against cyberattacks and should constantly protect and help stakeholders make prudent decisions about cyberattack protection.

Data Availability
e data used to support the findings of this study are mostly included within the article.As a major part of our scientific paper revolves around presenting a multitude of products and tools regarding vulnerability scanning, monitoring and logging, and antivirus software, it is imperative to draw information from the most immediate source available.Using that reasoning, we chose to extract information from product websites and technical documents.No online repositories were used.

Figure 4 :
Figure 4: Monitoring and logging tools decision tree.
Security and Communication Networks reporting, and so forth.In addition, it supports virtual environments such as virtual app scanning and vCenter integration.(19) Qualys: it [44] enables organizations to achieve both vulnerability management and policy compliance initiatives cohesively.Built on top of Qualys Infrastructure and Core Services, the Qualys Clod Suite incorporates a number of applications, all of which are delivered via the Cloud: Asset view, vulnerability management, continuous monitoring, web application scanning, malware detection, policy compliance, and so forth.(20) Probely: it [45] scans web applications to find vulnerabilities and security issues providing guidance on how to fix them.Probely performs automated security testing by integrating into Continuous Integration pipelines, following an [46]First development approach, providing all features through an API. is tool covers thousands of vulnerabilities including OWASP TOP10.It is also used to check specific PCI-DSS, ISO27001, HIPAA, and GDPR requirements.(21)Intruder:it[46]isused for scanning as soon as new vulnerabilities are released.Integrations with Slack and Jira help notify development teams when newly discovered issues need fixing, and AWS integration means IP addresses need to be synchronized to scan.It makes vulnerability management easier for small teams and for that reason it is popular among startups and medium-sized businesses.(22) Secunia Personal Software Inspector: it [47] is mainly used to keep all the applications and programs updated and notifies users when an insecure program in a PC is being identified.It also solves security vulnerabilities.(23) SolarWinds Network Configuration Manager: it [48] offers a vulnerability assessment feature, which claims to fix vulnerabilities using automation, as part of its Network Configuration Manager product.e software's built-in configuration manager enables users to monitor configuration changes, so as to prevent vulnerabilities.Moreover, after detecting any violations to the system, it runs automatic remediation scripts.Using this tool, users are also enabled to set continuous audit of (25) Microsoft Baseline Security Analyzer (MBSA): it is [50] a free tool of Microsoft designed to secure a Windows computer based on the specifications and guidelines set by Microsoft.It is usually used by small-sized and medium-sized organizations for managing the security of their networks.Once the
[56]things lacking in Nagios Core.Some of the features available on Nagios XI include a much better web interface, auto discovery, graphs, alerting (SMS, e-mail), reporting, and configuration wizards.(6)ManageEngineOpManager: it[56]is a comprehensive IT infrastructure monitoring solution having an easy-to-use responsive web interface.It can be installed on either Windows or Linux OS and offers several features like server (9) Zabbix: it [59] is an all-in-one network monitoring solution.Although it supports agentless monitoring, the Zabbix server gets monitoring information from the Zabbix agent (as a client-server model).Some of the features provided by Zabbix are performance and application monitoring, web-based (15) ConnectWise Automate: [65] formerly known as Labtech, it can keep track of IT infrastructure devices from a single location.It discovers all devices in a network so they can be monitored proactively.

Table 2 :
Monitoring and logging tools presentation.
Figure 5: Antivirus software decision tree.