The OT Security Add-on for Splunk enables organizations that operate assets, networks, and facilities across both IT and OT environments to better apply the globally proven SIEM, Splunk Enterprise Security, to improve threat detection, incident investigation, and response. The OT Security Add-on for Splunk expands the capabilities of Splunk’s platform to monitor for threats and attacks, compliance, incident investigation, forensics, and incident response across the broad spectrum of assets and topologies - from email servers to PLCs -  that define modern manufacturing, energy, and public sector organizations.

Components of this solution include:
OT Security Overview
Perimeter Monitoring
Infrastructure Monitoring
Centralized view across partner technologies.
NERC CIP Compliance Reporting
Correlation Rules including mapping to security frameworks like MITRE ATT&CK for ICS, CIS 20, and others
Integration with Enterprise Security
Mapping of Use Case Content (Analytics Stories)

The OT Security Add-on for Splunk REQUIRES Splunk Enterprise Security.  

For any OT related sales conversations, please contact otsecurity@splunk.com