cl-au logo
Story image

Forescout expands integrations with partner solutions

16 Nov 2020

Forescout Technologies has expanded its partnerships and integrations with Splunk, CrowdStrike and CyberArk to enable joint customers to bridge security gaps and strengthen the cyber-physical risk posture across the entire network, while maintaining operational integrity of critical systems.

“Organisations with complicated networks struggle with outdated methods of managing industrial control system (ICS) and OT assets across their infrastructure. Forescout’s integrations with industry-leading technologies from Splunk, CrowdStrike and CyberArk deliver cohesive and contextual insights of all assets, improve operational integrity and manage associated security threats down to the device level,” says Forescout chief product and strategy officer Pedro Abreu.

Splunk

Security operations teams can leverage a new Forescout and Splunk integration to defend an organisation across all device types and network tiers. 

The new Forescout OT Network Security Monitoring for Splunk App integrates Forescout eyeInspect with Splunk Enterprise and Splunk Enterprise Security.

The app consolidates contextual device data and alerts into pre-built dashboards and prioritises security and operational alerts to defend OT and ICS networks against operational failures and cyberattacks, such as Ripple20, EKANS, WannaCry, NotPetya and TRITON. 

The full Forescout and Splunk integration enables organisations to streamline enterprise security across the entire threat lifecycle.

This app will also support the new OT Security Add-on for Splunk, which accelerates time to insight with structured data models that make it easy to correlate OT data from various sources. 

CrowdStrike

Forescout’s expanded partnership with CrowdStrike now includes the eyeInspect OT solution for joint threat hunting in internet of things (IoT) and ICS/OT infrastructure. 

Delivered through the Forescout eyeExtend module, enhanced integration with the CrowdStrike Falcon platform ensures customers receive threat intelligence data across enterprise networks and critical infrastructure.

CrowdStrike’s Falcon platform correlates 4 trillion endpoint-related events per week in real time from across the globe, fuelling one of the world’s most advanced data platforms for security. 

CyberArk

The Forescout platform now integrates Forescout eyeInspect device intelligence with the CyberArk Privileged Access Security Solution to centrally discover, manage and secure privileged accounts across a broader range of devices, common to IoT, OT and ICS environments. 

Forescout’s privileged account discovery capabilities now include Mac and Linux endpoints. 

The integration also empowers organisations to automatically segment and enforce credential and user compliance. This is critical for organisations that need to preserve the continuity and accountability of the systems. 

The integration includes IoT/OT/ICS orchestrated workflows between CyberArk and Forescout to reduce manual workloads and rapidly respond to threats without operational disruption.