Since 2005, when Gartner coined the term, SIEM (Security Information and Event Management) applications have grown in importance for the security industry.
SIEM provides a centralized view to easily access and analyze security information from a large number of sources, and then prioritize mitigation efforts based on risk profiles. SIEM also helps organizations meet their security log analysis and incident/event reporting requirements.
What’s the Challenge?
SIEM is data-driven, but the analysis is only as good as the data that is being fed to the SIEM application. It remains crucial to get a holistic view of all applications and websites that are driving traffic to your network, but as online data continues to grow exponentially, this holistic view grows ever more challenging.
This puts SIEM operators under a lot of pressure to identify and prevent security breaches. Akamai is driven to make their lives easier and to have our security solutions fit naturally into their workflows.
Today, we’re announcing SIEM integration with Akamai.
How Can SIEM Integration Help Me?
With SIEM Integration, Kona Site Defender customers can now use out-of-the-box connectors for Splunk and CEF Syslog. Customers with other SIEMs can use the SIEM API to capture security events generated on the Akamai platform.
Along with easy configuration, SIEM Integration also provides the following benefits:
- Retains security events for 12 hours with the ability to replay missed security events in case of data connectivity issues.
- Provides control over how often to call the SIEM API and how many events to fetch in each call, to keep the SIEM application from being overloaded.
- Pre-filters security events based on security configuration and firewall policy so SIEM operators can focus on real threats.
To learn more, please visit the SIEM Integration page.