Customer
The customer is a leading CASB monitoring solution provider. Their platform provides the ease of use, visibility, continuous monitoring and investigation tools that security and compliance teams need to do their jobs at DevOps speed. The platform integrates with multiple cloud environments and provides a single-pane-of-glass view of compliance posture.
Requirement
The client requested integration of their CASB product with on-premise/cloud-based QRadar so that they can monitor the cloud through one SIEM console.
Technology Solution
Sacumen developed a QRadar app that polls event data from the SQS service. The customer pushes the event data to SQS, and the customer's QRadar app writes the event data in syslog format over TCP.
With the customer log source configured to pick up the syslog data and the custom event mapping feeding into QRadar, the customer's event data is visible on the QRadar console.
The QRadar app was developed for QRadar version 7.2.8 and above.
The custom event regular expression configuration and other details are packaged with the app to make QRadar app deployment simpler.