This app is archived. App archiving documentation

Ziften Zenith App

The Ziften Zenith App provides continuous monitoring and detection & response of enterprise endpoints to enhance security and IT device hygiene posturing. The product provides real-time, rapid detection, and actionable response to Indicators of Compromise (IOC's). The Ziften Zenith App provides native integration of comprehensive endpoint visibility into Splunk, with the ability to combine that information with threat feeds and network intelligence for an end-to-end view of IOC's. The product is delivered with a variety of out-of-the box dashboards for easy ramp-up and customization.

Built by

Latest Version 2.0.0

July 5, 2017

Compatibility

Splunk Enterprise

CIM Version: 4.x

Rating

0

(0)

Log in to rate this app

Support

Not Supported

The Ziften Zenith App provides continuous monitoring and detection & response of enterprise endpoints to enhance security and IT device hygiene posturing. The product provides real-time, rapid detection, and actionable response to Indicators of Compromise (IOC's). The Ziften Zenith App provides native integration of comprehensive endpoint visibility into Splunk, with the ability to combine that information with threat feeds and network intelligence for an end-to-end view of IOC's. The product is delivered with a variety of out-of-the box dashboards for easy ramp-up and customization. In addition to populating the Ziften dashboards and reports, the Ziften Zenith App will also populate Splunk Common Information Models (CIM). This will allow other applications that utilize CIM data to benefit from Ziften’s rich endpoint data. Please note, that you must also install the Ziften Zenith Add-on, which can also be found in Splunkbase at https://splunkbase.splunk.com/app/1872/