SIEM Integration – Attaching Custom Fields to Every Event
Administrators can now define custom fields to be added to every event forwarded to SIEM platforms
Organizations’ SIEM platforms are part of critical IT security processes. To support these automated processes, the data received from the security vendor is often not enough and additional custom tagging is required.
Administrators can now define up to five fields and values to be added to every forwarded event, so these events can be properly managed and cataloged.
This is especially useful for MSPs and large global organizations, with several portals forwarding events to the same SIEM platform.
To do that, go to Configuration -> Security Engines -> SIEM Integration -> Configuration -> Add custom field.
You may also like
Rising Mobile Threats: Closing the Security Gap in Your Organization’s Device Strategy
As advanced mobile threats become more prevalent, it’s crucial for ...
Is Firebase Phishing a Threat to Your Organization?
Check Point researchers have uncovered a sophisticated credential harvesting attack ...
How hunting for vulnerable drivers unraveled a widespread attack
Attackers are increasingly targeting vulnerabilities in drivers, which operate in ...
Cyber Criminals Using URL Tricks to Deceive Users
Overview: In a newly observed scam, Check Point researchers found ...