Reducing Vulnerabilities and Exposures Through Visibility
Illuminate Your Attack Surface
RiskIQ Digital Footprint for Splunk enables security teams to take control of their attack surface, reducing their risk and creating a better defense. The RiskIQ Digital Footprint App for Splunk will automatically ingest your external asset inventory including asset metadata. Use this data to build reports, trigger alerts or aid in the identification of vulnerabilities or exposures against your assets.
Features & Benefits
- Access and continuously synchronize your attack surface inventory directly within Splunk.
- Leverage pre-built dashboards and reports or customize your own in order to glean insights into your attack surface.
- Rapidly search across your asset inventory including metadata to surface vulnerable or out-of-compliant infrastructure.
- Automate your workflow using Splunk alerts triggered off changes in your attack surface.
- Correlate local log data with your externally facing asset inventory to identify vulnerabilities, exposures or potential compromises.
Read more or share internally using our Joint Solution Brief!
Installation & Support
RiskIQ is happy to provide support for our Splunk applications. If you have questions, feedback or run into issues, please contact us using firstname.lastname@example.org. Alternatively, existing enterprise clients can reach out directly to their support representative. Please do not contact Splunk support for issues related to the RiskIQ applications.
To get the best experience, pair this Add-On with the Digital Footprint App for Splunk. Here's a direct link to the application/add-on support guide which includes technical requirements, architecture and installation details.
Allow Users to create mutiple data inputs in the Digital Footprint Add-ON to support data pull in multiple splunk indexes in a single or multi tenant environment
Moved and Added lookups and custom commands in TA from main app
Updated /event/search API data collection to use parameter scroll instead of offset to resolve the Internal Server Error
Added proxy support
Bifurcated assets and events data into different source types
Provide support for enabling/disabling data inputs
Provided support to collect only new and updated assets information
* Added validation for API credentials in setup page
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.