Cisco Security Suite 3.0.2 now includes Cisco IronPort Email Security Appliance (ESA) Data
Security Jason CongerThe Cisco Security Suite app continues to get updated for Splunk 6.x. The latest addition is support to Cisco IronPort Email Security Appliance (ESA). A new add-on has been published that provides Common Information Model compliant field extractions and tags for data from Cisco ESA. So now, the Cisco Security Suite supports:
- Cisco ASA and PIX firewall appliances, the FWSM firewall services module
- WSA web security appliance
- Cisco IronPort Email Security Appliance (ESA)
- Cisco Identity Services Engine (ISE)
Also, with each release, we incorporate more feedback about documentation. So, in addition to documentation found within the Cisco Security Suite app itself, a subset of “getting started” documentation has been published under the Documentation tab on http://apps.splunk.com/app/525/.
Stay tuned, there is more to come…
Title
Related Articles
Filter
Category
Blog Limit
3
Category
security
Sort Category Shuffle Order
true
Related Articles
Splunk Ranked Number 1 in the 2024 Gartner® Critical Capabilities for Security Information and Event Management
Splunk was ranked as the #1 SIEM solution in all three Use Cases in the 2024 Gartner® Critical Capabilities for Security Information and Event Management report.
Old School vs. New School
The Splunk SURGe team examines the claim that generative AI will empower threat actors to improve the scale and/or efficiency of their spear-phishing campaigns.
Using Workflow Actions & OSINT for Threat Hunting in Splunk
Two things will make you a more efficient & effective security analyst: OSINT and workflow actions in Splunk. We've got you covered in this article.