Splunk Enterprise users can now tap into the unique network security insights available from the Scirius Security Platform™ as well as open source Suricata sensors
Stamus Networks, a fast-growing cybersecurity software company, today announced the general availability of its application for Splunk – enabling threat hunters, incident responders and other security practitioners who use Splunk to easily gain access to the data and insights provided by Scirius Security Platform (SSP) or Suricata to more effectively do their job. The Stamus Networks App for Splunk is available immediately on Splunkbase.
“Many of our customers have been using Splunk for some time to view the basic data provided by Stamus Networks Probes through their direct Splunk connection,” said Éric Leblond, co-founder and chief technology officer of Stamus Networks. “But, in order to unlock access to the advanced consolidated network capabilities of Scirius Security Platform, including host-centric insights and advanced high-fidelity threat detection, we needed to provide a custom application that adheres to Splunk’s Common Information Model.”
In addition to providing numerous reports and dashboards for the Scirius Security Platform, the Stamus Networks Splunk App also provides a powerful set of dashboards for users of the open source Suricata IDS/NSM. These dashboards include one specifically designed to assist Zeek users in becoming familiar with the advanced Suricata network security monitoring features such as TLS information from SMB or Kerberos activity, HTTP hosts and many other protocol transactions.