This app is archived.

Forescout OT Network Security Monitoring for Splunk

The Forescout OT Network Security Monitoring App for Splunk (Forescout OT NSM App) enables users to act on OT/ICS threats and vulnerabilities using three intuitive Splunk dashboards. By integrating configurable alert data from Forescout eyeInspect (previously named SilentDefense) with device information and other relevant network activity, this App provides Splunk users with unparalleled contextual information required to identify threats, manage remediation workflows and secure their ICS environment.

Latest Version: 1.1.1 (April 19, 2022)
Compatibility: Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0
CIM Version: 5.x, 4.x
Support: Not Supported

The Forescout OT NSM App for Splunk is the ideal solution for industrial asset owners who want to integrate rich OT asset intelligence and threat detection data from across all OT sites within Splunk. Users can leverage the exceptional OT asset and threat data from Forescout eyeInspect to increase compliance and defend their OT/ICS networks from both operational failures and cyberattacks, such as Ripple20, EKANS, WannaCry, NotPetya, TRITON and many more.

The Forescout OT NSM App for Splunk contains three pre-built Splunk Dashboards:

- The Security Dashboard helps the user identify alert trends and correlate them with other network activity, enabling faster detection of anomalies, cyber threats, dangerous commands sent to OT devices and device misbehavior. It helps reduce Mean Time to Response by providing the context needed to determine the best mitigation action.
- The Asset Inventory Dashboard lets analysts access high-value device information and context to better identify unexpected changes in the network, prioritize investigations, and quickly acknowledge new assets, communication patterns, or protocols seen within the network to help asset inventory and maintenance processes.
- The Administrative Dashboard provides deep insights on system health status and user activity performed on the Forescout eyeInspect appliances, to prevent system failure and detect undesired user activity.

The Forescout OT NSM App for Splunk automatically maps data to the Splunk Common Information Model (CIM) and the Splunk OT Asset Model. Valuable Forescout eyeInspect alerts and asset data can also be easily leveraged by other Splunk Apps and Add-ons such as Splunk Enterprise Security and OT Security Add-on for Splunk.

Created By: Forescout Technologies
Type: app
Downloads: 1,147
