Splunk and ForeScout partner on big data and security intelligence
Posted on 02 October 2013.
ForeScout announced a technology partnership with Splunk. In conjunction with the partnership, ForeScout has made available bi-directional integration between ForeScout CounterACT and Splunk Enterprise and a new ForeScout App for Splunk Enterprise.


ForeScout CounterACT helps organizations gain complete visibility for all devices, users, systems and applications attempting to connect to or on an enterprise network – wired or wireless, managed or unmanaged, PC or mobile.

Devices are dynamically discovered, classified, profiled and assessed without requiring agents. CounterACT applies policy-based controls to: allow, limit or block access; manage guests and BYOD users; monitor and enforce endpoint compliance and mitigate violations and exposures.

All captured information, as well as event logs, can be sent to Splunk Enterprise for data analysis, reporting and optimized retention. In addition, operators can enable Splunk Enterprise to communicate with CounterACT to directly mitigate security issues. As a result, IT organizations can make their data truly actionable.

The ForeScout App for Splunk Enterprise allows customers to easily use and create a wide variety of operational dashboards and reports which take advantage of Splunk Enterprise to efficiently analyze, visualize and store huge volumes of identity, device, application, access and violation data generated by ForeScout CounterACT.

Security analysts can combine this information with other big data sources for real-time monitoring and to conduct historical searches to identify advanced threats, fraud and other security exposures. Furthermore, Splunk can be easily configured to send triggered event data to ForeScout CounterACT in order to remediate endpoint security issues, isolate breached systems or trigger other policy-based controls.

"In today’s threat landscape, all data is security relevant and requires a solution that delivers real-time insights. ForeScout CounterACT provides visibility to network and endpoint activity that our customers can use to augment their Splunk analytics in order to monitor for critical security issues and expedite investigations," said Bill Gaylord, senior vice president of business development at Splunk. "Leveraging the interoperability of Splunk Enterprise and ForeScout not only helps expand the surface area for customers to more rapidly and confidently identify problems but also automates controls to directly mitigate threats."





Spotlight

Leveraging network intelligence and deep packet inspection

Posted on 26 November 2014.  |  Tomer Saban, CEO of WireX Systems, talks about how deep packet inspection helps with identifying emerging threats, the role of network intelligence, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Nov 27th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //