The Ziften Zenith App provides continuous monitoring and detection & response of enterprise endpoints to enhance security and IT device hygiene posturing. The product provides real-time, rapid detection, and actionable response to Indicators of Compromise (IOC's). 
 
The Ziften Zenith App provides native integration of comprehensive endpoint visibility into Splunk, with the ability to combine that information with threat feeds and network intelligence for an end-to-end view of IOC's.  The product is delivered with a variety of out-of-the box dashboards for easy ramp-up and customization. 

In addition to populating the Ziften dashboards and reports, the Ziften Zenith App will also populate Splunk Common Information Models (CIM). This will allow other applications that utilize CIM data to benefit from Ziften’s rich endpoint data.  Please note, that you must also install the Ziften Zenith Add-on, which can also be found in Splunkbase at https://splunkbase.splunk.com/app/1872/