Customer
The customer is a leading Threat Intelligence platform that delivers next-generation endpoint security and threat intelligence services to protect businesses and individuals around the globe.
Requirement
The client requested the integration of their Threat Intelligence product with HP ArcSight so that their clients can view and leverage the Threat Intelligence in their existing ArcSight platform.
Technology Solution
Sacumen developed the Connector for the customer's Threat Intelligence product for integration with HP ArcSight ESM using CEF (Common Event Format).
The Threat Intelligence Connector (which provides a REST interface) was developed in Java to send the CEF Syslog data to the HP ArcSight Syslog Connector.
The integration automatically correlates internal and external network events using prioritized real-time IP threat intelligence with contextual information to detect malicious IP threats for investigation.
The IP Correlation component was developed using HP ArcSight Console.
Sacumen built dashboards to display alerts and other relevant information. The nature of the reports and dashboards developed was in line with the model provided by HP ArcSight Console.