Sophos Central has integrated many of the products a business needs to stay secure. However, they realize that many organizations have products from multiple vendors and leverage a SIEM (security information and event management) to try to make sense of all the security events produced by all those disparate products. With data flowing fast, IT teams face a big challenge when it comes to maintaining some semblance of coherent visibility into the vast amounts of information they’re constantly receiving from all their different vendor products.
In that spirit, they are pleased to announce that SIEM integration has been added to Sophos Central. Whether you use Splunk, ArcSight, or any other major SIEM, you’ll find it easy to connect to Sophos Central. You’ll get real-time insight into the events and alerts for all your Sophos Central products. It’s one integration whether you’re using Endpoint Advanced, or Wireless, or our next gen endpoint, Intercept X, or Email protection, or Encryption… they all work together so it’s a single integration.
Setup couldn’t be easier. Take a look at this short demo video to get an idea of how to get SIEM integration up and running within your organization:
With the recently released audit logs and RBAC features, SIEM integration is yet another step forward to improve the efficiency of IT teams large and small.
Contact us for more information