Splunk App for Enterprise Security helps identify and address emerging security threats through continuous monitoring, alerting and analytics. Suitable for small security teams and enterprise SOCs, ES is the best data interface for security analytics operations.
* Situational awareness dashboards give custom views of risk per domain, asset, or identity
* Incident Review provides analysis workflows that reveal the priority of the incident, incident context, and impact on assets and identities
* Analysis centers provide indicators of unknown threats from traffic abnormalities
* Correlation tools enable monitoring for new attackers by correlating new domain registration with web activity
* Statistical outlier detection and risk scores aid anomaly detection
* User Activity Monitoring provides visibility into all activities for rapid investigation and resolution
* Unified Threat Intelligence from many sources including TAXII server feeds with support for STIX and OpenIOC
* Accepts NetFlow, logs, RDBMS, & more
Detecting today's advanced threats can no longer be done using only rule and signature-based detection tools. It requires a comprehensive approach to security that can only be facilitated by a big data security intelligence platform that makes any data security relevant, scales to terabytes of data per day, and provides comprehensive statistical analysis capabilities to help security investigators find anomalies and outliers.
The Splunk App for Enterprise Security leverages the power Splunk Enterprise to give security professionals a single solution to detect known, threats and analyze massive volumes of data to look for unknown threats in normal user activity. Equally suitable for a small security team or an enterprise security operations center, the app is a primary data interface for the security professional faced with a growing list of threats from malicious insiders and advanced threats.
For more information see the Splunk ES Home Page.
Documentation may be found here: Splunk App for Enterprise Security Documentation