In a continuation of our discussion around the strengths of combining secure privileged account management with SIEM capabilities, we’re excited to announce our new alliance with Tenable Network Security!
Integrating Secret Server with Tenable’s log correlation engine, SecurityCenter Continuous View, will provide administrators with improved oversight of their organization’s security practices.
What is Tenable SecurityCenter Continuous View?
Tenable SecurityCenter Continuous View provides organizations with a uniquely integrated vulnerability and SIEM functionality, helping them move from periodic assessment to continuous and instant identification and response for security and compliance threats.
How does it integrate with Secret Server?
Secret Server works with Tenable SecurityCenter CV by sending event engine logs to the tool in the form of syslog. SecurityCenter CV now has built-in support for processing Secret Server events, such as Heartbeat success, Secret expiration and user login activity. For a more detailed description of supported events see Tenable’s forum page.
The benefits of integration:
Incorporating event logs from Secret Server into the rest of your collective SIEM data allows you to maintain more comprehensive records of user access to privileged credentials for every account you manage through Secret Server, from workstations and servers to network devices and many more. Ultimately, this means your administrators have access to faster and more reliable attack detection and mitigation.
For more information:
See our Syslog Integration Guide for details on configuring Secret Server to log events to your SIEM tool.