CrowdStrike SIEM Log Streams and Agent Proxy enhancements
Introducing Log Streams for CrowdStrike Next-Gen SIEM for real-time security event monitoring and enhanced threat detection. This integration enables rapid streaming of Aembit Edge event logs and audit logs directly to CrowdStrike’s Next-Gen Security Information and Event Management (SIEM) platform using the HTTP Event Collector (HEC) protocol.
By connecting Aembit with CrowdStrike Next-Gen SIEM, you can:
- Stream Access Authorization Events, Audit Logs, and Workload Events to CrowdStrike SIEM
- Configure TLS encryption and verification options
- Get automatic failure notifications for Aembit admins
- Integrate seamlessly with existing CrowdStrike HEC configurations
This feature enhances your organization’s security posture by improving threat detection capabilities, streamlining incident management, and supporting compliance monitoring requirements through centralized log analysis in CrowdStrike.
To learn more, see Log Streams for CrowdStrike Next-Gen SIEM.
Aembit has applied security and performance enhancements to Agent Proxy in this release.
Aembit has added the AEMBIT_CLIENT_WORKLOAD_PROCESS_IDENTIFICATION_ENABLED Agent Proxy environment variable to enable Process Name Client Workload identification.
Updated Edge Components:
- Agent Proxy
Updated Edge Packages:
- Helm Chart
- VM Agent Proxy package
- Terraform ECS module
- AWS Lambda Extension
- AWS Lambda Layer
See Edge Components supported versions for more details.