Cisco Security Suite 3.0.2 now includes Cisco IronPort Email Security Appliance (ESA) Data
The Cisco Security Suite app continues to get updated for Splunk 6.x. The latest addition is support to Cisco IronPort Email Security Appliance (ESA). A new add-on has been published that provides Common Information Model compliant field extractions and tags for data from Cisco ESA. So now, the Cisco Security Suite supports:
- Cisco ASA and PIX firewall appliances, the FWSM firewall services module
- WSA web security appliance
- Cisco IronPort Email Security Appliance (ESA)
- Cisco Identity Services Engine (ISE)
Also, with each release, we incorporate more feedback about documentation. So, in addition to documentation found within the Cisco Security Suite app itself, a subset of “getting started” documentation has been published under the Documentation tab on http://apps.splunk.com/app/525/.
Stay tuned, there is more to come…
Title
Related Articles
Filter
Category
Blog Limit
3
Category
security
Sort Category Shuffle Order
true
Related Articles
Defending Against npm Supply Chain Attacks: A Practical Guide to Detection, Emulation, and Analysis
Protect your software supply chain from npm attacks. Learn to use Package-Inferno and npm-threat-emulation for deep analysis and detection with Splunk SPL.
Delivering the Ultimate SOC Analyst Experience: Ending Fatigue with Splunk Enterprise Security
End SOC analyst fatigue with Splunk Enterprise Security. Discover how unified TDIR, Agentic AI, and automation transform security operations, streamline investigations, and empower your team.
Splunk Security Content for Threat Detection & Response: December Recap
In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security Content Update (ESCU) app.