RedSeal Adaptive Response App for Incident Response

RedSeal’s platform builds an accurate, up-to-date model of an organization’s entire as-built network to visualize access paths and prioritize what to fix, to protect your most valuable assets. With identification of IoC within Splunk Enterprise Security, combine RedSeal’s powerful network access context to gain immediate visibility and access path to Critical Assets at risk and accelerate Incident Response. Three unique Adaptive response actions are provided to: Get important information on source or destination in events such as L2 information, applications, topology groups etc. Identify top reachable targets from the source, prioritized based on the network access risk View detailed network access path from source to any target asset, identifying the specific firewall(s) and the configuration rules to contain and prevent Incident from becoming a breach. This App leverages Adaptive Response framework provided by Splunk through Splunk Enterprise Security Suite (ES).