icon/x Created with Sketch.

Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading Cloud Security Monitoring
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

Cloud Security Monitoring

Admins: Please read about Splunk Enterprise 8.0 and the Python 2.7 end-of-life changes and impact on apps and upgradeshere.
Cloud Security Monitoring is an application which is built on top of Splunk that provides visibility to the organization's Cloud infrastructure.
- The Positka Cloud Security Monitoring App gives you critical insights into your AWS and Azure accounts to analyse and visualize data from numerous services like Compute, Storage, IAM and Network
- The Positka Cloud Security Monitoring solution helps security teams streamline security operations for organizations of all sizes and levels of expertise.
- It helps you gain end-to-end visibility across your cloud environment for the SOC Analyst to detect, investigate, and respond to internal and external cloud-based threats which offers pre-packaged dashboards, correlation rules, and incident response workflows to help SOC teams analyse, investigate and respond to alerts.

This application solution uses the following frameworks:
1. Incident Management - Correlation of SIEM rules
2. Threat Intelligence- Subscription to 30+ community / open source threat intel feeds (with IOC matching included)

Detailed Features of the App

Single-Pane-of-Glass Visibility:
The Positka cloud Security Monitoring solution for cloud services provides an effortless experience in configuring and monitoring all cloud platform logs from AWS and Azure across services like Network, Compute, Storage and IAM.
Rules/Content: Maintaining a use case library with 170+ rules across both AWS and Azure platform. Customers can select the rules as per their requirement.

Security Posture View:
The Security Posture dashboard gives a consolidated view of key metrics, making it easier for the organization to make key decisions and helps to Understand what happened across the cloud environment and helps determine if a cloud resource might have been compromised

Real time Monitoring:
Enables the SOC team to monitor threats and correlate events in real time to find and stop threats.
Incident Response: Organized way to address and manage potential threat incidents.
It helps SOC teams analyse, investigate and respond to alerts.

Service level Overview/Security analytics views:
The Service Overview dashboards and Security Analytics view provide detailed information about the activity happening within specific services in your cloud environment as well as static, dynamic and visual correlations to investigate threats or attacks happening in the cloud environment.

Investigation dashboards: Analytics are key to producing insights from mountains of data and we have diverse set of investigation dashboards to identify hidden threats.

Threat Intelligence:
Subscription to 30+ community / open source threat intel feeds (with IOC matching included), helps SOC team recognize abnormal activity, assess the risk to the business, and prioritize the response.

AppInspect Tooling

Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
© 2005-2020 Splunk Inc. All rights reserved.
Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.