Crytica App for Alerting provides Splunk dashboards and workflow tools for monitoring Crytica Security alert data ingested with the crytica:alert sourcetype. The app gives SOC analysts a focused command console for active Threat and Performance alerts, dedicated investigation dashboards, alert history analytics, and acknowledge/resolve workflow support using Splunk KV Store.
The app is designed to help security teams quickly spot integrity changes on protected devices and performance anomalies, and to see for each alert the affected host, severity, alert subject, object path, and current workflow state. It also supports trend analysis, recent alert queues, bulk resolution workflows, and optional CIM-aligned fields for teams using Splunk Enterprise Security or CIM data models.
Requires the Splunk KV Store, which holds the acknowledge/resolve workflow state for each alert. The Splunk Common Information Model (CIM) add-on is recommended if you want the optional CIM-aligned fields to map into data models, but it is not required for the dashboards.
For information about Crytica deployments, integrations, demonstrations, or proof-of-concept opportunities, please contact the Crytica team.
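To make the KV Store-backed workflow described above concrete, here is an illustrative pair of searches showing how per-alert acknowledge/resolve state is typically kept beside the raw crytica:alert events. These are added example searches, not the app's own saved searches or dashboards, and every name in them is an assumption: the KV Store lookup crytica_alert_state, the fields alert_id, alert_type, severity, subject, object_path, state, acked_by, resolved_by and updated, and the sample host value host-01. The first search lists alerts that are not yet resolved; the second bulk-resolves the Performance alerts for one host.

```spl
sourcetype="crytica:alert"
| dedup alert_id
| lookup crytica_alert_state alert_id OUTPUT state, acked_by, resolved_by, updated
| fillnull value="open" state
| search NOT state="resolved"
| table _time host alert_type severity subject object_path state acked_by

sourcetype="crytica:alert" alert_type="Performance" host="host-01"
| dedup alert_id
| eval _key=alert_id, state="resolved", resolved_by="analyst", updated=now()
| table _key alert_id state resolved_by updated
| outputlookup append=true crytica_alert_state
```

Two points a practitioner should check before running anything like this. First, the lookup has to exist: the collection is declared in collections.conf (a [crytica_alert_state] stanza with field.alert_id = string, field.state = string, and so on) and exposed as a lookup in transforms.conf with external_type = kvstore, collection = crytica_alert_state and a fields_list that includes _key. Second, always set _key to the alert identifier and use append=true when writing workflow state: with append=true, outputlookup updates records whose _key already exists and inserts the rest, so the bulk resolve is an idempotent upsert, whereas outputlookup without append=true replaces the whole collection and would silently wipe the state of every other alert.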
Email: info@cryticasecurity.com
Website: cryticasecurity.com
Categories
IoT & Industrial Data, Threat Intel
Created By
William O'Keeffe