Cisco Security Suite 3.0.1 – Now with ISE
The Cisco Security Suite was recently updated to work with Splunk 6. As mentioned in the previous release, one release is not enough to get all the Cisco security related information integrated into the suite. With version 3.0.1 of the Cisco Security Suite, Cisco Identity Services Engine (ISE) has been added. Over 20 ISE-related dashboards have been integrated into the suite.
ISE is really powerful and adds a lot of additional data that can be correlated. For instance, say you have an IP address from somewhere in your environment. ISE can tell you which user is using that IP, what type of device the user is using, the posture of the device, and much more. Therefore, in addition to ISE being integrated into the Cisco Security Suite, a separate application has been published that focuses only on ISE.
Download Cisco Security Suite 3.0.1 here -> http://apps.splunk.com/app/525/
Download the ISE-only app here -> http://apps.splunk.com/app/1589/
Related Articles
Defending Against npm Supply Chain Attacks: A Practical Guide to Detection, Emulation, and Analysis
Delivering the Ultimate SOC Analyst Experience: Ending Fatigue with Splunk Enterprise Security
