Absolute recently introduced the integration of Absolute alerts with Security Information and Event Management (SIEM) solutions. Today’s SIEM solutions gather, analyze, and present a holistic view of information from network and security devices, including identity and access management applications; vulnerability management and policy compliance tools; operating system, database, and application logs; external threat data; and important information from endpoint security applications such as Absolute Data & Device Security (DDS).
Absolute DDS is a key part of our customers' defense-in-depth security strategies, which rely on multiple technologies to protect against a range of potential threats. Alert data generated by Absolute DDS and other security solutions can be fed into existing SIEM solutions and analyzed in context, offering a holistic view of an organization's entire security posture. Examples of alerts sent from Absolute DDS to SIEM include:
You can download the Absolute SIEM Connector to export alerts generated in Absolute DDS directly to your SIEM solution for incident management. The SIEM Connector uses the syslog protocol to send these alert events. Detailed instructions for downloading, installing, and managing the Absolute SIEM Connector are available in the Absolute SIEM Connector Install Guide on the Documentation page in Customer Center.