Sophos Central Adds Support for SIEMs (Splunk, ArcSight, etc)
Sophos Central has integrated many of the products a business needs to stay secure. However, we realize that many organizations have products from multiple vendors and leverage a SIEM (security information and event management) to try to make sense of all the security events produced by all those disparate products.
With data flowing fast, IT teams face a big challenge when it comes to maintaining some semblance of coherent visibility into the vast amounts of information they’re constantly receiving from all their different vendor products.
In that spirit, we’re pleased to announce that SIEM integration has been added to Sophos Central. Whether you use Splunk, ArcSight, or any other major SIEM, you’ll find it easy to connect to Sophos Central. You’ll get real-time insight into the events and alerts for all your Sophos Central products. It’s one integration whether you’re using Endpoint Advanced, or Wireless, or our next gen endpoint, Intercept X, or Email protection, or Encryption… they all work together so it’s a single integration.
Setup couldn’t be easier. Take a look at this short demo video to get an idea of how to get SIEM integration up and running within your organization:
We put a lot of thought and hard work into our SIEM integration solution and we hope you enjoy its benefits as much as we enjoyed building it. With our recently released audit logs and RBAC features, SIEM integration is yet another step forward as we seek to improve the efficiency of IT teams large and small.
You can read the original article, here.