Zscaler and SIEM and Analytics
For organizations that need to transfer their Zscaler weblogs to the enterprise SIEM, Zscaler provides Nanolog Streaming Service (NSS) as an optional add-on feature. NSS requires that a virtual appliance is installed within the customer’s network. NSS connects to the cloud and streams in all logs for the company, passing them to the corporate SIEM or other storage devices in near-real time.
By using NSS, Zscaler customers can send weblog data to the SIEM to facilitate log correlation from multiple sources, thus allowing organizations to analyze traffic patterns across their entire networks. Additionally, organizations can leverage weblog data in the SIEM to conduct extended historical analyses (> 6 months). Zscaler customers can also ensure compliance with regulatory mandates through local log archival.
AlienVault has simplified the way organizations detect and respond to today’s ever-evolving threat landscape. Our unique and award-winning approach, trusted by thousands of customers, combines the essential security controls of our all-in-one platform, AlienVault Unified Security Management, with the power of AlienVault’s Open Threat Exchange, the world’s largest crowd-sourced threat intelligence community, making effective and affordable threat detection attainable for resource-constrained IT teams. Read more about the Zscaler and AlienVault partnership.
Arcsight from Microfocus is a leading provider of compliance and security management solutions that protect enterprises. We help customers comply with regulations, safeguard their assets, and control risk by collecting and correlating event data across the enterprise. We help businesses identify, prioritize, and respond to breaches, compliance violations and insider threats. Read the ArcSight Solution Brief.
BT is one of the world’s leading providers of communications services and solutions, serving customers in more than 170 countries. Its principal activities include the provision of networked IT services globally; local, national and international telecommunications services to its customers for use at home, at work and on the move; broadband, TV and internet products and services; and converged fixed/mobile products and services. BT consists principally of five lines of business: BT Global Services, BT Business, BT Consumer, BT Wholesale and Openreach. Read the BT solution brief.
Exabeam provides security intelligence and management solutions to help organizations of any size protect their most valuable information. The Exabeam Security Intelligence Platform uniquely combines a data lake for unlimited data collection at a predictable price, machine learning for advanced analytics, and automated incident response into an integrated set of products. The result is the first modern security intelligence solution that delivers where legacy SIEM vendors have failed. Learn more at exabeam.com.
JASK is modernizing security operations by delivering an advanced SIEM platform that provides better visibility, better automation, and a better architecture. Built on cloud-native technologies, the JASK ASOC platform streamlines security analyst workflows by automating many of the repetitive tasks that restrict productivity, freeing them for higher-value roles like threat hunting and vulnerability management, while addressing the escalating talent shortage. Learn more at www.jask.com.
IBM Security QRadar SIEM is a distributed enterprise Security Information and Event Management solution that provides contextual and actionable surveillance across the entire IT infrastructure, helping organizations detect and remediate threats often missed by other security solutions. The software automatically discovers most network log source devices and inspects network flow data to find and classify valid network hosts (assets)—tracking the applications, protocols, services and ports they use. It collects, stores and analyzes data performing real-time event correlation for threat detection and compliance reporting. Billions of daily events and flows are typically prioritized into just a handful of actionable offenses. Read the QRadar Solution Brief and Solution Deployment Guide, or watch the QRadar RSA Presentation Video.
Splunk Inc. (NASDAQ: SPLK) provides the engine for machine data. Splunk software collects, indexes and harnesses the machine-generated big data coming from the websites, applications, servers, networks, sensors and mobile devices that power business. Splunk software enables organizations to monitor, search, analyze, visualize and act on massive streams of real-time and historical machine data. 5,600 enterprises, universities, government agencies and service providers in over 90 countries use Splunk Enterprise to gain Operational Intelligence that deepens business and customer understanding, improves service and uptime, reduces cost and mitigates cybersecurity risk. Splunk Storm, a cloud-based subscription service, is used by organizations developing and running applications in the cloud. Read the Splunk Solution Brief and Solution Deployment Guide.
Sumo Logic is a secure, cloud-native, machine data analytics service, delivering real-time, continuous intelligence from structured, semi-structured and unstructured data across the entire application lifecycle and stack. More than 1,200 customers around the globe rely on Sumo Logic for the analytics and insights to build, run and secure their modern applications and cloud infrastructures. With Sumo Logic, customers gain a multi-tenant, service-model advantage to accelerate their shift to continuous innovation, increasing competitive advantage, business value and growth. Read the Sumo Logic Solution brief, Solution Deployment Guide and review the valuable Web Security Dashboards provided out of the box.