Cisco Security Suite 3.0.2 now includes Cisco IronPort Email Security Appliance (ESA) Data
The Cisco Security Suite app continues to get updated for Splunk 6.x. The latest addition is support to Cisco IronPort Email Security Appliance (ESA). A new add-on has been published that provides Common Information Model compliant field extractions and tags for data from Cisco ESA. So now, the Cisco Security Suite supports:
- Cisco ASA and PIX firewall appliances, the FWSM firewall services module
- WSA web security appliance
- Cisco IronPort Email Security Appliance (ESA)
- Cisco Identity Services Engine (ISE)
Also, with each release, we incorporate more feedback about documentation. So, in addition to documentation found within the Cisco Security Suite app itself, a subset of “getting started” documentation has been published under the Documentation tab on http://apps.splunk.com/app/525/.
Stay tuned, there is more to come…
Title
Related Articles
Filter
Category
Blog Limit
3
Category
security
Sort Category Shuffle Order
true
Related Articles
Splunk Named a Leader in the 2024 IDC MarketScape for SIEM for Enterprise
Splunk is ranked #1 for the fourth year in a row in the IDC Worldwide Security Information and Event Management Market Shares, 2023: The Leaders in SIEM City report!
Threat Hunting for Dictionary-DGA with PEAK
Explore applied model-assisted threat hunting for dictionary-based domain generation algorithms using the SURGe Security Research Team's PEAK Threat Hunting Framework.
Conti Threat Research Update and Detections
In this blog, the Splunk Threat Research team will show you how to use Splunk Attack Range to simulate cyber attacks from the Conti Ransomware group. It will also have pre-built detections that you can use to detect them in your environment.