Zero trust security

Make it possible

Your Mission
Partners > Technology > SIEM And Analytics

SIEM and Analytics

Zscaler and SIEM and Analytics

For organizations that need to transfer their Zscaler weblogs to the enterprise SIEM, Zscaler provides Nanolog Streaming Service (NSS) as an optional add-on feature. NSS requires that a virtual appliance is installed within the customer’s network. NSS connects to the cloud and streams in all logs for the company, passing them to the corporate SIEM or other storage devices in near-real time.

By using NSS, Zscaler customers can send weblog data to the SIEM to facilitate log correlation from multiple sources, thus allowing organizations to analyze traffic patterns across their entire networks. Additionally, organizations can leverage weblog data in the SIEM to conduct extended historical analyses (> 6 months). Zscaler customers can also ensure compliance with regulatory mandates through local log archival.

AlienVault has simplified the way organizations detect and respond to today’s ever-evolving threat landscape. Our unique and award-winning approach, trusted by thousands of customers, combines the essential security controls of our all-in-one platform, AlienVault Unified Security Management, with the power of AlienVault’s Open Threat Exchange, the world’s largest crowd-sourced threat intelligence community, making effective and affordable threat detection attainable for resource-constrained IT teams. Read more about the Zscaler and AlienVault partnership.

HP ArcSight is a leading provider of compliance and security management solutions that protect enterprises. We help customers comply with regulations, safeguard their assets, and control risk by collecting and correlating event data across the enterprise. We help businesses identify, prioritize, and respond to breaches, compliance violations and insider threats. Read the ArcSight Solution Brief.

BT is one of the world’s leading providers of communications services and solutions, serving customers in more than 170 countries. Its principal activities include the provision of networked IT services globally; local, national and international telecommunications services to its customers for use at home, at work and on the move; broadband, TV and internet products and services; and converged fixed/mobile products and services. BT consists principally of five lines of business: BT Global Services, BT Business, BT Consumer, BT Wholesale and Openreach. Read the BT solution brief.

LogRhythm, a leader in security intelligence and analytics, empowers organizations around the globe to rapidly detect, respond to, and neutralize damaging cyber threats. The company’s award-winning platform unifies next-generation SIEM, log management, network and endpoint forensics, and advanced security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides innovative compliance automation and assurance, and enhanced IT intelligence.

IBM Security QRadar SIEM is a distributed enterprise Security Information and Event Management solution that provides contextual and actionable surveillance across the entire IT infrastructure, helping organizations detect and remediate threats often missed by other security solutions. The software automatically discovers most network log source devices and inspects network flow data to find and classify valid network hosts (assets)—tracking the applications, protocols, services and ports they use. It collects, stores and analyzes data performing real-time event correlation for threat detection and compliance reporting. Billions of daily events and flows are typically prioritized into just a handful of actionable offenses. Read the QRadar Solution Brief and Solution Deployment Guide, or watch the QRadar RSA Presentation Video.

RSA, The Security Division of EMC, is the premier provider of intelligence-driven security solutions. RSA helps the world’s leading organizations solve their most complex and sensitive security challenges: managing organizational risk, safeguarding mobile access and collaboration, preventing online fraud, and defending against advanced threats. RSA delivers agile controls for identity assurance, fraud detection, and data protection; robust Security Analytics and industry-leading GRC capabilities; and expert consulting and advisory services.

Splunk Inc. (NASDAQ: SPLK) provides the engine for machine data. Splunk software collects, indexes and harnesses the machine-generated big data coming from the websites, applications, servers, networks, sensors and mobile devices that power business. Splunk software enables organizations to monitor, search, analyze, visualize and act on massive streams of real-time and historical machine data. 5,600 enterprises, universities, government agencies and service providers in over 90 countries use Splunk Enterprise to gain Operational Intelligence that deepens business and customer understanding, improves service and uptime, reduces cost and mitigates cybersecurity risk. Splunk Storm, a cloud-based subscription service, is used by organizations developing and running applications in the cloud. Read the Splunk Solution Brief and Solution Deployment Guide.

Sumo Logic is a secure, cloud-native, machine data analytics service, delivering real-time, continuous intelligence from structured, semi-structured and unstructured data across the entire application lifecycle and stack. More than 1,200 customers around the globe rely on Sumo Logic for the analytics and insights to build, run and secure their modern applications and cloud infrastructures. With Sumo Logic, customers gain a multi-tenant, service-model advantage to accelerate their shift to continuous innovation, increasing competitive advantage, business value and growth. Read the Sumo Logic Solution brief, Solution Deployment Guide and review the valuable Web Security Dashboards provided out of the box.