OT Security Add-on for Splunk

The OT Security Add-on for Splunk enables organizations that operate assets, networks, and facilities across both IT and OT environments to better apply the globally proven SIEM, Splunk Enterprise Security, to improve threat detection, incident investigation, and response. The OT Security Add-on for Splunk expands the capabilities of Splunk’s platform to monitor for threats and attacks, compliance, incident investigation, forensics, and incident response across the broad spectrum of assets and topologies - from email servers to PLCs - that define modern manufacturing, energy, and public sector organizations. Components of this solution include: OT Security Overview Perimeter Monitoring Infrastructure Monitoring Centralized view across partner technologies. NERC CIP Compliance Reporting Correlation Rules including mapping to security frameworks like MITRE ATT&CK for ICS, CIS 20, and others Integration with Enterprise Security Dashboards designed to help you identify misconfigurations and missing data The OT Security Add-on for Splunk REQUIRES Splunk Enterprise Security. For any OT related sales conversations, please contact otsecurity@splunk.com