FireEye TAP Integrates with NXLog; Improves Threat Detection and Incident Response

By CIOReview | Tuesday, January 20, 2015
914
1460
291

MILPITAS, CA: FireEye, a network security company has announced that it would be integrating NXLog –a multi-platform log management solution- with its Threat Analytics Platform (TAP) –a security data analytics solution- to help organizations in better threat detection, and improved incident response.

This integration is designed to allow security teams of organizations to feed NXLog network event log data of all formats into FireEye TAP, and assist them in identification of cyber attacks and investigation of breaches. NXLog, the modular C-based programming which is compatible with Windows, Mac OSX, Linux and other operating systems supports multiple log formats like Syslog, Comma-separated values (CSV), JSON (JavaScript Object Notation), EXtensible Markup Language (XML), and Graylog Extended Log Format (GELF).

The log collector and forwarder comes with on-disk and memory buffering with flow control; file handling, log rotation, CRON-style scheduling and scripting SSL message transport with certificate authentication; and message transport compression. The other key features of NXLog are Hypertext Transfer Protocol (HTTP) support, on-the-wire compression for bandwidth constrained environments event correlation and remote management capabilities.

These capabilities complement FireEye TAP which provides real-time threat intelligence, higher levels of threat visibility, and prioritized alerts that can lead to enhanced incident response. The Threat Analytics Platform is designed to offer organized aggregation of event data; assigning, tracking, and measuring of task efficiency; and a cohesive threat response plan from by making effective use of prevalent enterprise security infrastructure.

“By integrating TAP with NXLog, we’re able to increase the data sources available to TAP and provide more visibility in near-real time to security teams to help them identify attacks before a breach occurs,” says Grady Summers, Vice president, strategic solutions, FireEye.