EventTracker, a leading provider of comprehensive SIEM solutions, announced the general availability of a Knowledge Pack in support of OpenDNS Umbrella. OpenDNS, now a part of Cisco, is the world’s largest cloud-delivered security platform serving more than 65 million daily users spread across 160+ countries.
EventTracker supports OpenDNS Umbrella Insights and Umbrella Platform, monitors DNS roaming and Active Directory users, and generates reports for allowed, blocked and security activities. DNS Umbrella displays new network security activity in near real time with globally aggregated reports. Its ‘Security Insights’ feature pinpoints devices infected or users targeted by advanced attacks to reduce the time to remediation. An ‘Investigate’ feature reduces alert noise and prioritizes incident response, identifying emerging threats by investigating security events.
The EventTracker Knowledge Pack for OpenDNS Umbrella Insights and Umbrella Platform allows monitoring of:
- Allowed and blocked DNS activities (like block list and security policies)
- Allowed and blocked security activities (like malware, phishing, botnet, drive-by download)
- Top domain, categories and identities
“Having visibility at the DNS level is a significant benefit for security analysts. DNS traffic is a good indicator of compromise because strange DNS behavior can help pinpoint infections. EventTracker is pleased to provide a Knowledge Pack in support of OpenDNS’s Umbrella Insights and Umbrella Platform offerings,” said A.N. Ananth, CEO, EventTracker. “As the name suggests, OpenDNS provides an Umbrella of security and it is a complementary match for our Enterprise Knowledge Packs.”
About EventTracker
EventTracker delivers business critical solutions that transform high-volume cryptic log data into actionable, prioritized intelligence that will fundamentally change your perception of the utility, value and organizational potential inherent in log files. EventTracker’s leading solutions offer Security Information and Event Management (SIEM), real-time Log Management, and powerful Change and Configuration Management to optimize IT operations, detect and deter costly security breaches, and comply with multiple regulatory mandates.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.