TMCnet News

FireEye introduces new FireEye App for Splunk Enterprise [ITWeb]
[September 30, 2014]



(ITWeb Via Acquire Media NewsEdge) Exponant Information Security Solutions (EISS), a company that is focused on the provision of data-centric security solutions based on world-class technologies and proven methodologies and an authorised reseller for FireEye and Splunk, recently announced FireEye's new app for Splunk Enterprise. The FireEye App for Splunk Enterprise leverages Splunk's unique big data capabilities to more rapidly detect advanced threats targeted against organisations of all sizes.



Drawing on data from the FireEye Threat Prevention Platform (network, e-mail, content and endpoint security) as well as FireEye Forensic Analysis, the FireEye App for Splunk Enterprise allows organisations to visualise internal and external threats and unearth threat patterns in FireEye data by leveraging Splunk Enterprise's ability to correlate multiple data sources from across their IT infrastructure.

"As the threat landscape becomes even more layered and complex, FireEye and Splunk are expanding their relationship and accelerating collaboration around advanced threat protection," explained Deon La Grange, Country Manager Southern Africa Region, FireEye. "Together, FireEye and Splunk give organisations the expertise and intelligence to make organisations more resilient to modern attacks."

"Analysing machine data from across an entire organisation and utilising advanced threat intelligence is key to strong security," added Wolfgang Selzer, Managing Director of EISS. "The alliance between Splunk and FireEye helps our joint customers better identify malicious activities, potentially reducing the impact of breaches from months to minutes."

"As threat groups become more sophisticated, the need to provide visibility across both IT and security systems so that a complete picture of any potential attack is possible, is very important," continued La Grange. "The combination of Splunk and FireEye provides our customers' incident responders with the capability to rapidly analyse incident data, correlate the indicators to identify affected systems, and respond in near-to-real-time."

The FireEye App for Splunk Enterprise is designed to help secure enterprises with the following features:

* A holistic view on the security posture. It combines, integrates and correlates FireEye data with all other data, including FireEye meta-data, malware events, and data on known and new threats. Data in Splunk Enterprise includes machine data from IT and business systems distributed across the enterprise.
* The shortening of incident detection and reporting. It responds to incidents faster and streamlines reporting by aggregating FireEye original data and long-time horizon events.
* A unified interactive user experience. It visualises and analyses data across multiple FireEye platforms through a single Splunk interface with extensive search capabilities, risk prioritisation and threat trends to shorten security response times and streamline reporting needs.
* The ability to determine malware impact in the organisation. The FireEye App for Splunk Enterprise provides insight into raw data about malware, allowing customers to drill down into patterns, alerts and data across the enterprise and show the impact of malware events on the rest of the organisation.


For further information, please contact Wolfgang Selzer; tel. 012 663 0160; fax 012 663 5678; e-mail [email protected]

(c) 2014 ITWeb Limited. All rights reserved. Provided by SyndiGate Media Inc. (Syndigate.info).
