Asset identification framework


(Andrew Vdovin) #1

To manage risks we have to Identify the assets at scope and SIEM is a perfect technology to achieve this milestone. Asset Identification Framework (AIF) is a turn-key use case that monitors network connections to automatically discover and categorize assets into service categories such as DNS, Database, Authentication servers, VMware hypervisors, etc. Gathered data is useful to populate SIEM Asset & Network model, correlate with CMDB to identify gaps and compare with discovery scans by VM tools. AIF supports servers that fulfill multiple service roles. This is useful starting Identification point for any SOC, a basic component to compliance and threat-centric cases and foundation to continuous asset and risk monitoring.


For more info - please, check https://my.socprime.com/en/integrations/asset-identification-framework-kibana


(kulkarni) #2

Thank you for your detailed description. I shall tag our internal kibana-app developers and PM to look into this.

cc @Stacey_Gammon @Alona_Nadler

Cheers
Rashmi


(system) #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.