SIEM and Analytics

Zscaler and SIEM and Analytics

For organizations that need to transfer their Zscaler weblogs to the enterprise SIEM, Zscaler provides Nanolog Streaming Service (NSS) as an optional add-on feature. NSS requires a virtual appliance to be installed within the customer’s network. The appliance connects to the cloud and streams in all logs for the company, passing them to the corporate SIEM or other storage devices in near-real time.

By using NSS, Zscaler customers can send weblog data to the SIEM to facilitate log correlation from multiple sources, allowing organizations to analyze traffic patterns across their entire networks. Organizations can also use weblog data in the SIEM to conduct extended historical analyses (more than 6 months), and can ensure compliance with regulatory mandates through local log archival.

AlienVault has simplified the way organizations detect and respond to today’s ever-evolving threat landscape. Our unique and award-winning approach, trusted by thousands of customers, combines the essential security controls of our all-in-one platform, AlienVault Unified Security Management, with the power of AlienVault’s Open Threat Exchange, the world’s largest crowd-sourced threat intelligence community, making effective and affordable threat detection attainable for resource-constrained IT teams. AlienVault, Open Threat Exchange, OTX, Unified Security Management, and USM are trademarks of AlienVault and/or its affiliates. Other names may be trademarks of their respective owners.

HP ArcSight is a leading provider of compliance and security management solutions that protect enterprises. We help customers comply with regulations, safeguard their assets, and control risk by collecting and correlating event data across the enterprise. We help businesses identify, prioritize, and respond to breaches, compliance violations and insider threats. Read the ArcSight Solution Brief.

BT is one of the world’s leading providers of communications services and solutions, serving customers in more than 170 countries. Its principal activities include the provision of networked IT services globally; local, national and international telecommunications services to its customers for use at home, at work and on the move; broadband, TV and internet products and services; and converged fixed/mobile products and services. BT consists principally of five lines of business: BT Global Services, BT Business, BT Consumer, BT Wholesale and Openreach. Read the BT solution brief.

LogRhythm, a leader in security intelligence and analytics, empowers organizations around the globe to rapidly detect, respond to, and neutralize damaging cyber threats. The company’s award-winning platform unifies next-generation SIEM, log management, network and endpoint forensics, and advanced security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides innovative compliance automation and assurance, and enhanced IT intelligence.

IBM Security QRadar SIEM is a distributed enterprise Security Information and Event Management solution that provides contextual and actionable surveillance across the entire IT infrastructure, helping organizations detect and remediate threats often missed by other security solutions. The software automatically discovers most network log source devices and inspects network flow data to find and classify valid network hosts (assets)—tracking the applications, protocols, services and ports they use. It collects, stores and analyzes data performing real-time event correlation for threat detection and compliance reporting. Billions of daily events and flows are typically prioritized into just a handful of actionable offenses. Read the QRadar Solution Brief or watch the QRadar RSA2014 Presentation Video.

RSA, The Security Division of EMC, is the premier provider of intelligence-driven security solutions. RSA helps the world’s leading organizations solve their most complex and sensitive security challenges: managing organizational risk, safeguarding mobile access and collaboration, preventing online fraud, and defending against advanced threats. RSA delivers agile controls for identity assurance, fraud detection, and data protection; robust Security Analytics and industry-leading GRC capabilities; and expert consulting and advisory services.

Splunk Inc. (NASDAQ: SPLK) provides the engine for machine data. Splunk software collects, indexes and harnesses the machine-generated big data coming from the websites, applications, servers, networks, sensors and mobile devices that power business. Splunk software enables organizations to monitor, search, analyze, visualize and act on massive streams of real-time and historical machine data. 5,600 enterprises, universities, government agencies and service providers in over 90 countries use Splunk Enterprise to gain Operational Intelligence that deepens business and customer understanding, improves service and uptime, reduces cost and mitigates cybersecurity risk. Splunk Storm, a cloud-based subscription service, is used by organizations developing and running applications in the cloud. Read the Splunk Solution Brief.

Symantec Corporation (NASDAQ: SYMC) is an information protection expert that helps people, businesses and governments seeking the freedom to unlock the opportunities technology brings -- anytime, anywhere. Founded in April 1982, Symantec, a Fortune 500 company, operating one of the largest global data-intelligence networks, has provided leading security, backup and availability solutions for where vital information is stored, accessed and shared. The company's more than 20,000 employees reside in more than 50 countries. Ninety-nine percent of Fortune 500 companies are Symantec customers. In fiscal 2014, it recorded revenues of $6.7 billion. Read the Symantec event collector Quick Start Guide for Zscaler Cloud Web Security.