Splunk and DTEX Systems have partnered to accelerate zero-trust security operations with insider risk intelligence and endpoint telemetry ignored by NGAV, UEBA and DLP tools.
DTEX InTERCEPT™ brings a previously unavailable data source to SOC, IR and threat intelligence teams while multiplying the value of Splunk ES and SOAR. It’s lightweight, cloud-native, privacy-by-design architecture scales to thousands of endpoints and servers in hours, collects only 3-5 MB of data per user each day with low CPU usage and zero impact on employee efficiency.
Only DTEX InTERCEPT delivers the context and intelligence that answers the Who, What, When, Where and How related to any potential insider threat situation, compromised account event or data loss scenario without invading personal privacy.
Insider threats, data loss events and account compromise follow a pattern of activity. DTEX analysts have identified and codified the insider equivalent: the Insider Threat Kill Chain, which encompasses the five steps present in nearly all insider attacks to provide organization-wide user visibility that highlights every step of the kill chain, rather than just focusing on the moment of exfiltration.
Fixed filter bug for Alerts Dashboard and Incident Report Dashboard
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.