Whisper Security Graph App for Splunk

The Whisper Security Add-on for Splunk connects Splunk to the Whisper Security Knowledge Graph, a repository of over 7.3 billion infrastructure nodes and 38 billion edges. The add-on enables enrichment of security events with DNS, BGP, WHOIS, GeoIP, SPF, and threat intelligence context. It provides custom search commands for executing Cypher graph queries, modular inputs for attack surface monitoring and threat intelligence collection, and dashboards for compliance posture tracking and infrastructure change detection. The add-on maps events to the CIM Network Resolution and Threat Intelligence data models. Supported data sources include whisper_threat_intel, whisper_baseline, and whisper_watchlist. Source types include whisper:attack_surface, whisper:threat_intel, whisper:watchlist, whisper:change, whisper:enrichment, ta_whisper_graph, and whisper:spf_compliance. The add-on serves organizations requiring infrastructure context enrichment for security analytics, compliance monitoring, and threat intelligence workflows.