Kustodian Adds Palo Alto Networks Threat Intelligence to SIEM Solution

Kustodian, a penetration testing and security monitoring solutions provider, will add Palo Alto Networks MineMeld threat intelligence processing to the new version of its SIEMonster open source security information and event management (SIEM) software. MineMeld enables organizations to orchestrate threat intelligence and enforce prevention-based security controls via an open source application.

The company, led by CEO Chris Rock, also will incorporate security modules from Search Guard, an open source plug-in for the Elasticsearch data analysis platform, and two-factor authentication capabilities into SIEMonster Version 3, according to a prepared statement.

SIEMonster V3: Here's What You Need to Know

SIEMonster V3 is designed for organizations of all sizes, the company said. It is built on scalable, open source components, Kustodian said, and empowers organizations to quickly identify and address cyber threats.

With SIEMonster V3, organizations can leverage a range of security capabilities, including:

  • Alerting: Empowers users to send and receive security alerts via Slack, email and SMS.
  • Amazon Web Services (AWS) Support: Enables users to leverage pre-configured AWS Amazon Machine Images (AMI) and Cluster Compute instances.
  • Incident Ticketing: Automatically records security incidents and enables users to monitor outstanding issues.
  • Vulnerability Scanning: Scans for network vulnerabilities.

SIEMonster V3 will be generally available tomorrow. A free community edition of SIEMonster V3 will be released, along with a premium corporate edition and a multi-tenancy edition for MSSPs.

How Can MSSPs Use SIEMonster?

SIEMonster enables MSSPs to offer SIEM-as-a-service (SIEMaaS) with no licensing requirements per client, according to Kustodian. That way, MSSPs can use SIEMonster to deliver instant security alerts to customers' phones, emails or dashboards.

SIEMaaS provides open source threat intelligence, Kustodian noted. It leverages a virtual image that is installed in a data center to collect all security logs and is maintained by Kustodian.

Furthermore, SIEMaaS requires no upfront equipment purchases, maintenance costs or licensing costs, Kustodian said. All SIEMaaS costs include archiving and long-term log storage via Amazon Glacier and Amazon Simple Storage Service (S3).

What Is SIEMonster?

SIEMonster was developed as a "viable alternative" to commercial SIEM solutions, according to Kustodian. It is a turnkey SIEM solution, Kustodian stated, that is fully documented and has no data or node limitations.

Kustodian today has partnerships with MSSPs and security professionals around the world, the company said. It also plans to continue to develop and support SIEMonster in combination with the global cybersecurity community.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds an M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.