Since 2005, when Gartner coined the term, SIEM (Security Information and Event Management) solutions have grown in importance for the security industry.
SIEM solutions provide a centralized view to easily access and analyze security information from multiple sources, and then prioritize mitigation efforts based on risk profiles. SIEM also helps organizations meet their security log analysis and incident/event reporting requirements.
What’s the Challenge?
SIEM is fully data-driven, but the analysis performed and the actions taken are only as good as the data that is being fed to the SIEM solution. It remains crucial to get a holistic view of all applications and websites that are driving traffic to your network, but as online data continues to grow exponentially, it is more and more challenging to do so.
This trend puts security teams under a lot of pressure to identify and prevent security breaches across their infrastructure. Akamai is driven to make their lives easier and to have our security solutions fit naturally into their workflows.
Today, we’re announcing SIEM Integration for Akamai security solutions.
How Can SIEM Integration Help Me?
With SIEM Integration, Kona Site Defender, Web Application Protector and Client Reputation customers can now use out-of-the-box sample connectors for Splunk and CEF Syslog. Customers with other SIEM solutions can use the SIEM API to capture security events generated on the Akamai platform.
Along with easy, self-service configuration, SIEM Integration also provides the following benefits:
- Retains security events for 12 hours with the ability to replay missed security events in case of data connectivity issues.
- Provides control over how often to call the SIEM API and how many events to fetch in each call, to keep the SIEM application from being overloaded.
To learn more, please visit the SIEM Integration page.
This is a Security Bloggers Network syndicated blog post authored by Parag Pathak. Read the original post at: The Akamai Blog