Reducing Vulnerabilities and Exposures Through Visibility
Illuminate Your Attack Surface
RiskIQ Digital Footprint for Splunk enables security teams to take control of their attack surface, reducing their risk and creating a better defense. The RiskIQ Digital Footprint App for Splunk will automatically ingest your external asset inventory including asset metadata. Use this data to build reports, trigger alerts or aid in the identification of vulnerabilities or exposures against your assets.
Features & Benefits
- Access and continuously synchronize your attack surface inventory directly within Splunk.
- Leverage pre-built dashboards and reports or customize your own in order to glean insights into your attack surface.
- Rapidly search across your asset inventory including metadata to surface vulnerable or out-of-compliant infrastructure.
- Automate your workflow using Splunk alerts triggered off changes in your attack surface.
- Correlate local log data with your externally facing asset inventory to identify vulnerabilities, exposures or potential compromises.
Read more or share internally using our Joint Solution Brief!
Installation & Support
RiskIQ is happy to provide support for our Splunk applications. If you have questions, feedback or run into issues, please contact us using firstname.lastname@example.org. Alternatively, existing enterprise clients can reach out directly to their support representative. Please do not contact Splunk support for issues related to the RiskIQ applications.
To get the best experience, pair this Add-On with the Digital Footprint App for Splunk. Here's a direct link to the application/add-on support guide which includes technical requirements, architecture and installation details.
- Allow users to filter ingested assets by tag, brand or organization
- Added the global inventory endpoint for assets data collection
- Made an Add-on Python2 and Python3 compatible
- Added Support of Splunk v8.0.x
* Moved and Added lookups and custom commands in TA from main app
* Updated /event/search API data collection to use parameter scroll instead of offset to resolve the Internal Server Error
* Added proxy support
* Bifurcated assets and events data into different source types
* Provide support for enabling/disabling data inputs
* Provided support to collect only new and updated assets information
* Added validation for API credentials in setup page
* Added data collection from RiskIQ's web service and parsing logic for data
Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.