This app is archived. Learn more

RedSeal App for Incident Investigation

RedSeal’s platform builds an accurate, up-to-date model of an organization’s entire as-built network to visualize access paths and prioritize what to fix, to protect your most valuable assets. Through RedSeal’s integration with Splunk, this App helps to accelerate Incident Response by providing security and network access context for incidents: 1) Lists all downstream critical assets reachable from the threat source by topology groups 2) Displays exact access paths from a threat source to each reachable target, and identifies the specific firewall(s) and configuration rules to help remediate and prevent the Incident from becoming a breach 3) Provides a dashboard to display security metrics, including your network’s ‘Digital Resilience Score’ This app requires Splunk Enterprise Security. Compatible with Splunk Enterprise Security: 5.3.1 - 6.2.0

Built by RedSeal Inc Team

Latest Version 1.2.0

July 29, 2020

Release notes

Compatibility

Not Available

Platform Version: 8.0, 7.3

Rating

0

(0)

Log in to rate this app

Support

Not Supported

Learn more

RedSeal’s platform builds an accurate, up-to-date model of an organization’s entire as-built network to visualize access paths and prioritize what to fix, to protect your most valuable assets. Through RedSeal’s integration with Splunk, this App helps to accelerate Incident Response by providing security and network access context for incidents: 1) Lists all downstream critical assets reachable from the threat source by topology groups 2) Displays exact access paths from a threat source to each reachable target, and identifies the specific firewall(s) and configuration rules to help remediate and prevent the Incident from becoming a breach 3) Provides a dashboard to display security metrics, including your network’s ‘Digital Resilience Score’ This app requires Splunk Enterprise Security. Compatible with Splunk Enterprise Security: 5.3.1 - 6.2.0