Cisco Security Suite 3.0.2 now includes Cisco IronPort Email Security Appliance (ESA) Data
Security Jason CongerThe Cisco Security Suite app continues to get updated for Splunk 6.x. The latest addition is support to Cisco IronPort Email Security Appliance (ESA). A new add-on has been published that provides Common Information Model compliant field extractions and tags for data from Cisco ESA. So now, the Cisco Security Suite supports:
- Cisco ASA and PIX firewall appliances, the FWSM firewall services module
- WSA web security appliance
- Cisco IronPort Email Security Appliance (ESA)
- Cisco Identity Services Engine (ISE)
Also, with each release, we incorporate more feedback about documentation. So, in addition to documentation found within the Cisco Security Suite app itself, a subset of “getting started” documentation has been published under the Documentation tab on http://apps.splunk.com/app/525/.
Stay tuned, there is more to come…
Title
Related Articles
Filter
Category
Blog Limit
3
Category
security
Sort Category Shuffle Order
true
Related Articles
Observability Meets Security: Build a Baseline To Climb the PEAK
Splunker James Hodgkinson looks at how to apply the baseline hunting process to some common O11y data sources and shows how the OpenTelemetry standard offers easier data analysis.
Active Directory Lateral Movement Detection: Threat Research Release, November 2021
The Splunk Threat Research Team recently updated the Active Directory Lateral Movement analytic story to help security operations center (SOC) analysts detect adversaries executing these techniques within Windows Active Directory (AD) environments.
Partner Spotlight: NCU-ISAO Members Gain Actionable Intelligence with TruSTAR
We recently spoke with Brian Hinze, NCU-ISAO Vice President, Member Services and Operations, to learn more about why NCU-ISAO chose TruSTAR for intelligence management, and how member organizations are using TruSTAR for information sharing and collaboration.