ThreatDown, powered by Malwarebytes

The Add-on for ThreatDown provides custom Splunk configuration for interpreting ThreatDown event data. It includes Common Information Model (CIM) compliant field extractions and pre-defined source types for multiple ThreatDown products, making it compatible with all CIM-based Splunk apps, including Splunk Enterprise Security. This app is a prerequisite for all other ThreatDown apps for Splunk.

ThreatDown makes endpoints resilient through adaptive cyber protection, active threat response and orchestrated endpoint control that quickly restores workforce productivity when a compromise occurs. Our adaptive cyber protection predicts and detects attacks with multi-layer detection across the kill chain. We enable active threat response where machine learning is actionable and automated, allowing for full recovery when a compromise occurs. We orchestrate command and control across siloed IT and Security organizations, simplifying security management and making response effective. ThreatDown makes endpoints resilient, so that you can protect, remediate, and regain control of your digital business.