Kiteworks CISO Dashboard

Overview

Details

The Kiteworks platform provides customers with a Private Content Network that delivers content governance, compliance, and protection with every send, share, receive and save. The platform unifies, tracks, controls, and secures sensitive content moving within, into, and out of their organization, significantly improving risk management and ensuring regulatory compliance on all sensitive content communications.
Use the Kiteworks Splunk App for real-time visibility of all sensitive content entering or leaving the enterprise via these communication channels.

The Kiteworks Enterprise Content Firewall enables secure third party communication across email, file sharing, enterprise apps, mobile, web forms, managed file transfer, and SFTP. Use the Kiteworks CISO Dashboard Splunk App for real-time visibility of all sensitive content entering or leaving the enterprise via these communication channels.

Powerful real-time and historical visualizations of all inbound and outbound file movement
Spot anomalies in volume, location, domain, user, and source
Automatic alerts on download scenarios fitting exfiltration patterns
All files from all connected systems, whether on-prem or in the cloud
All activity: who’s sending what to whom, when, and where
Even results of file scans for DLP, AV, ATP are logged and reportable

Drill down to take action on anomalies with ad hoc reports:

See all actionable details, including users, timestamps, and IP addresses
Visibility down to the file level, the closest you can get to the content

Get a demo

Setup
Please find installation documentation zipped in the download file

Integrates with your Kiteworks Enterprise deployment via the Splunk Universal Forwarder
Requires Kiteworks server 6.2 or higher. If you do not have an Accellion server, request an evaluation system from Accellion.
Requires the Kiteworks CISO Dashboard Add-On. The Add-On collects and indexes your Kiteworks instance’s syslog data. The Kiteworks CISO Dashboard App queries that indexed data in real-time.

Release Notes

Version 1.6.0

April 22, 2022

Important security updates:
- Updated Angular.js to version 1.8.2 to address a vulnerability in Angular.js versions prior to 1.8.0 (CVE-2020-7676).
- Updated jQuery libraries to version 3.6.0 to address a vulnerability in jQuery versions prior to 3.4.0 (CVE-2019-11358).
- Converted the existing HTML dashboard to SimpleXML to ensure compatibility with Splunk Cloud Platform.
Improved Alerts display and navigation through the CISO dashboard.
Added Alerts toggle to show/hide alerts on the CISO dashboard
Added ability to see the number of alerts in one location
Added ability to view alerts by generated date and filter by location or search strings
Added alert details card to display all alerts in the same location in one view
Added alert UUID to Alert Details card
Redesigned navigation menu for Map, Alerts, GDPR, and HIPAA
Added ability to export CSV report for selected view

Version 1.5.0

Sept. 25, 2020

Added Username filter for activities in Map View
Added ability to drill down from an Alert to a table of its associated user activities
Improved loading performance when displaying All Activity
Added IP address in Alert Details View
Improved CSV import
Bug fixes

Please note that minor IP-to-geolocation mapping differences between Splunk and Accellion can cause occasional alert location inconsistencies.

Version 1.4.0

April 24, 2020

Accellion Splunk CISO Add-On Version 1.4

Supports the new source type "Accellion:ACF:app" with the Accellion platform server 7.0 or above.
Supports the new suspicious download activity alert with the Accellion platform server 7.0 or above.
Bug fixes.

Please note that minor IP-to-geolocation mapping differences between Splunk and Accellion can cause occasional alert location inconsistencies.

Version 1.2.0

Jan. 8, 2020

Accellion Splunk CISO Dashboard App Version 1.2

The Admin can use the new "Map Configurations" feature to assign all unknown IP addresses in the Accellion Splunk CISO Dashboard to geographic locations. You can set them manually or import a CSV file for bulk mapping.
The new GDPR and HIPAA reports help you maintain compliance, and can save days of work preparing for audits. They are licensed offerings included in Accellion’s Advanced Governance Option package (see https://accellion.com/pricing for package details).

Version 1.0.0

Nov. 10, 2019

Requires Accellion server 6.2 or higher. Learn more at https://www.accellion.com.

Accellion’s CISO Dashboard App for Splunk now provides:
1. Splunk Forwarder integration with the Accellion server. It forwards all file, file scanner, user, administrative, and system events to Splunk.
2. Extensive real-time visualizations:
• Geographic view with zoom and pan displaying all file traffic, logins, failed logins, and send and receive activities.
• Filters by time range, client type, email domain, region, and pass/quarantine status.
• Detailed reports for files quarantined for malware or blocked by DLP.
• Detailed graphics for top users by activity type, top email domains by activity type, and time trends by activity type.

Drill-down reports for all file actions to show fine-grained details.

618

Downloads

Share Subscribe

Version

Built by

Kiteworks Developer

Support

Developer Supported

Contact Developer Questions on Splunk Answers Flag as inappropriate