Security landscape is constantly evolving with new and advanced threats found every day. This makes it difficult for enterprises to keep up with the latest threat detection techniques between two consecutive software releases. Splunk UBA’s content subscription service is a delivery mechanism that enables enterprises to bridge this gap and help maintain a good security posture. Through the content updates, Splunk UBA’s security and data science research team continuously improves the efficacy of UBA generated threats and anomalies independent of the software release process.
Splunk UBA content update delivers one or all of the following:
- New or enhanced machine learning data models
- Deterministic security rules
- Threat intelligence
For information on installation and release notes see: http://docs.splunk.com/Documentation/UBA
This release includes new content in the following areas:
Data exfiltration through a single file
* Cloud data, including Office 365
See the documentation at https://docs.splunk.com/Documentation/UBA/4.3.3.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.