
Patronus SIEM

Patronus SIEM App provides security teams the ability to easily monitor, detect, and react to security concerns based on a scoring system that highlights notables and filters out the noise. Spend less time searching and more time logically drilling down to determine how events correlate to form a story.

Too often we see customers struggling with these challenges:

- SOC teams spending hours focused on clearing noise instead of focusing on real problems
- Bouncing from view to view trying to isolate events that caused problems
- Struggling to build a timeline of events to determine if an issue is real or a false positive
- Correlation that is less about correlating different triggering events and more about identifying something that might be considered "notable"

The Patronus SIEM provides security teams the ability to easily monitor, detect and react to security concerns based on a scoring system that highlights notables and filters out the noise. Spend less time searching and more time logically drilling down to determine how events correlate to form a story.

A basic scoring system was put in place which applies a certain level of risk to ALL detections. Those detections become compelling as they grow in score and then generate an incident after a prescribed threshold is exceeded. We believe that many events generate an incident and a timeline vs every incident representing a single event. This greatly reduces the time spent in lifecycle management and chasing false positives.

Quite simply, time is the asset that is most important to a security team.

- Time to detection
- Time to investigation
- Time to remediate

Key Features

Executive View
- There is always an owner for your security team that doesn't care about the details
- High level details of incidents, risks and threats identified

Score based incident generation
- Noise reduction
- Cross-layer risk generation makes for a more reliable incident. Focuses more on the score of the many vs the score of one

Incident Management
- Immutable note taking for incident reporting
- Organized operations for your SOC

Threat Hunting Scoreboard
- The Patronus Scoreboard provides a single real-time view of risk generating activities
- Timeline view for risk objects as well as risk generating events
- Drilldown to the records generating risk all in a single view


Last Updated
January 18, 2024
Compatibility
Not Available
Rating

0

(0)

Support
Developer Supported app

Categories

Created By

Spico Solutions

Type

app

Downloads

67

Resources
