Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Solera Networks Integrates its Network Forensics Appliances with Splunk

Solera Networks, a provider of network forensics solutions, has released a new app enabling customers using its Solera DS Appliance to integrate security alerts coming from the popular Splunk platform.

Solera Networks, a provider of network forensics solutions, has released a new app enabling customers using its Solera DS Appliance to integrate security alerts coming from the popular Splunk platform.

Solera Networks LogoAnnounced at the Black Hat conference in Washington DC earlier this week, the Solera DeepSee™ App for Splunk enables in-depth root cause analysis and investigation into any security alert managed through the Splunk platform. The free download adds an “investigate” button to quickly pivot users from any event to a Solera DS Appliance.

Splunk is operational intelligence software used to monitor, report and analyze live streaming IT data. Earlier this week Splunk announced that it added over 900 new customers in 2010, bringing the total to over 2,300 customers in 74 countries.

Splunk provides the ability to manage event data from a wide array of network security devices, including firewalls, intrusion detection/prevention (IDS/IPS) systems, servers, web gateways, and other network and security devices. With Splunk, system administrators and security professionals can navigate and search through log files, alerts, and other “meta data” describing the network event. The integration with Solera DeepSee allows these professionals to start from a high-level description in Splunk and drill down to a full-fidelity transcript and reconstruction of the network at the time of the event.

Network Forensics ApplianceSolera DS Appliances enable IT teams to classify, store, and recreate every packet of network data that crosses the network, currently at speeds up to 10Gbps across physical and virtual networks.

“This integration with Splunk is a major move forward in our ability to combat and blunt the effects of the types of threats we are seeing today,” said Steve Shillingford, President and CEO of Solera Networks. “Splunk collects all the event data from the network and the integration allows you to then pivot from that data to the actual network traffic that is recorded, indexed and classified on Solera DS Appliances. From there you then investigate the events with the depth and clarity provided by Solera DeepSee. The root cause and scope of the event is identified, actual evidence and artifacts are uncovered, and time to remediation is drastically reduced.”

The new Solera DeepSee App for Splunk is free and available on Splunkbase for download and works with any of the Solera DS Appliances, including the Solera DS Virtual Appliance.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Cisco patched a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...