Added post injection attack correlation search.
Added Risk Analysis and Risk Based Alerting (RBA).
We polished up several things that ultimately ended up making the Correlation Searches work better.
Initial release of Splunk App for Harpoon Security. The app is applicable for install on search heads, indexers, and forwarders.
This app is CIM compliant and mapped to the Change, Endpoint, Intrusion Detection, and Malware data models.
This app is Enterprise Security Compliant and generates notable events of process injection at endpoints.