Adaptive Response using Splunk Enterprise Security

Home
Data Sheets
Adaptive Response using Splunk Enterprise Security

Crest worked with one of the security start-ups who are the leading provider of NAC (Network Access Control) solutions. Their product provides physical and/or virtual security solution that can identify the network devices such as notebooks, smartphones, tablets and all possible Internet of Things (IoT) devices when they join the network.

Crest provided a comprehensive solution which uses the power of Splunk Enterprise Security and Adaptive Response along with their product capabilities to enable their customers monitor real time NAC-related events, identify threats, and remediate by taking corrective action on the endpoints.

Following examples highlight few threats which could occur in customer deployment are handled by this solution:

When number of authentication failures exceed the threshold pre-set by SOC admin, user can choose to take the action of notifying the administrator via email
When Malware is detected in the event, user can take the action of notifying the administrator via email
When Virus is detected in the event, user can take the action of notifying the administrator via email
When a bad DNS request comes in the event from a particular host, user can take the action of blocking the outgoing traffic from that host.

CONTACT OUR EXPERTS –

We’d love to hear about your project and help you get started.

Contact our sales team to discuss your business requirements.

OFFERINGS

Technology Domains

Technology Platforms

OFFERINGS

Technology Domains

Technology Platforms

Adaptive Response using Splunk Enterprise Security

CONTACT OUR EXPERTS –

We’d love to hear about your project and help you get started.

See what Crest Data Systems can do for you

Our Services

Product Engineering Services

Managed Services

Professional Services

DevOps

Site Reliability Engineering

Company Information

About Us

Blogs

Partnerships

Careers

Contact Us

Social Media