Cisco Security Suite 3.0.1 – Now with ISE

Security Jason Conger

The Cisco Security Suite was recently updated to work with Splunk 6. As mentioned in the previous release, one release is not enough to get all the Cisco security related information integrated into the suite. With version 3.0.1 of the Cisco Security Suite, Cisco Identity Services Engine (ISE) has been added. Over 20 ISE-related dashboards have been integrated into the suite.

Cisco with ISE

ISE is really powerful and adds a lot of additional data that can be correlated. For instance, say you have an IP address from somewhere in your environment. ISE can tell you which user is using that IP, what type of device the user is using, the posture of the device, and much more. Therefore, in addition to ISE being integrated into the Cisco Security Suite, a separate application has been published that focuses only on ISE.

Download Cisco Security Suite 3.0.1 here -> http://apps.splunk.com/app/525/

Download the ISE-only app here -> http://apps.splunk.com/app/1589/

Related Articles

Detecting Suspicious ESXi Activity Before Ransomware Happens
Security
11 Minute Read

Detecting Suspicious ESXi Activity Before Ransomware Happens

Learn to detect suspicious activity using Splunk, including log ingestion, common indicators, and comprehensive detection strategies for VMware ESXi environments.
Announcing the General Availability of Splunk® Enterprise Security 8.0
Security
3 Minute Read

Announcing the General Availability of Splunk® Enterprise Security 8.0

We are thrilled to announce Splunk Enterprise Security 8.0 is now generally available.
Hunting M365 Invaders: Dissecting Email Collection Techniques
Security
17 Minute Read

Hunting M365 Invaders: Dissecting Email Collection Techniques

The Splunk Threat Research Team describes various methods attackers may leverage to monitor mailboxes, how to simulate them and how teams can detect them using Splunk’s out-of-the-box security content.