Contribution of log plugins for third-party security tools will address a major pain point for SOC teams and streamline their work with the Elastic Stack. empow also announces release of Version 3.0 of the empow i-SIEM.
LAS VEGAS, Aug. 7, 2019 /PRNewswire/ -- BLACK HAT -- empow, whose next generation i-SIEM enables companies to detect and respond automatically to attacks without human-defined rules, today announced the launch of its Open-Source Security Log Plugins Repository for Elastic users. This open-source resource is expected to reduce the burden on security operations teams by reducing their need to write – or outsource – ingestion configurations for their security tools.
"Security platform teams face a big challenge today, regardless of which approach they use for SIEM," says Avi Chesla, empow's Founder & CEO. "They have dozens, even hundreds of security tools and products, but in order to be able to use the logs, information, and events from these systems, they will generally need to obtain a log plugin for EACH product. This means they need to either wait for the vendor to develop one, write it themselves, or pay someone to write it for them. The Elastic community is fortunate that the open source Elastic Stack allows for community collaboration in the development and maintenance of these log parsing configurations. In that light, empow has decided to contribute an open source repository of security-focused log plugins to the community, enabling security teams to easily ingest their logs into the Elastic Stack, and saving them many hours of work every month."
empow intends to provide log plugins for dozens of leading security products as well as other IT data sources, maintain them and manage the repository. This effort further supports empow's intent-based plugins contribution launched this past March. Looking forward, empow will also enable the security community to contribute their own log plugins to the repository, for the benefit of the entire Elastic community.
Mike Paquette, Director of Product, Security Market at Elastic, adds: "With our community, Elastic has introduced the Elastic Common Schema – or ECS – which creates a unified way to represent logs, information, and events that come from a multitude of relevant data sources. This new contribution by empow strengthens the ECS community, enabling security operations teams to easily ingest their security logs into the Elastic Stack, and enabling analysts to search through their data seamlessly, regardless of whether it was ingested by an Elastic curated ingestion module, or from a community-provided ingestion configuration, saving precious time and effort. We believe the Elastic community will benefit from this contribution."
To begin using the Open-Source Security Log Plugins Repository, analysts simply visit the empow website at this link. There is no need to register – the tool is open to everyone.
Today empow also announces the release of its Version 3.0 i-SIEM. This version includes full implementation of the MITRE ATT&CK™ framework representation, among other analyst flow and operational support tools. Together with the i-SIEM's patented natural language processing technology, which automates data and threat classification without the need for human-written rules, this makes the i-SIEM the most efficient and cost effective SIEM in the market today by far, speaking the language of attacks on behalf of all of the organization's IT data sources and security tools.
For its unique technology and successful market validation, empow was selected as a Finalist in the Black Unicorn awards at Black Hat.
empow is the developer of a new kind of security information and event management (SIEM) system that detects cyber attacks and automatically orchestrates adaptive investigation and mitigation actions in real time, without the need for human-written rules. empow's strategic OEM partnership with Elastic makes empow's i-SIEM the optimal security solution for Elastic users.
empow is headquartered in Boston and Tel Aviv, and has customers distributed across North America and Europe. The company has been widely recognized in the industry, was selected as a Gartner Cool Vendor, and received the SC Award Europe in 2019 for Best Emerging Technology.