Cisco Security Suite 3.0.2 now includes Cisco IronPort Email Security Appliance (ESA) Data

The Cisco Security Suite app continues to get updated for Splunk 6.x. The latest addition is support to Cisco IronPort Email Security Appliance (ESA). A new add-on has been published that provides Common Information Model compliant field extractions and tags for data from Cisco ESA. So now, the Cisco Security Suite supports:

Also, with each release, we incorporate more feedback about documentation. So, in addition to documentation found within the Cisco Security Suite app itself, a subset of “getting started” documentation has been published under the Documentation tab on http://apps.splunk.com/app/525/.

Stay tuned, there is more to come…

Related Articles

Splunk SOAR Playbooks: Conducting an Azure New User Census
Security
3 Minute Read

Splunk SOAR Playbooks: Conducting an Azure New User Census

Learn how to use automated playbooks to monitor new user accounts to ensure that threat actors like Hafnium cannot leverage the Active Directory system to exploit vulnerabilities.
What's New with Splunk Enterprise Security 6.6?
Security
3 Minute Read

What's New with Splunk Enterprise Security 6.6?

Learn about the latest and greatest features of Splunk Enterprise Security 6.6.
Ghost in the Web Shell: Introducing ShellSweep
Security
7 Minute Read

Ghost in the Web Shell: Introducing ShellSweep

Splunk introduces ShellSweep, a suite of utilities designed to detect and combat malicious web shells in servers.