Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Splunk App for Enterprise Security Gets New Features

Splunk, a provider of software that helps organizations gather and make use of machine data from a diverse set of sources, has released the latest version of the Splunk App for Enterprise Security.

Now in Version 3.1, the company has introduced a new risk scoring framework to enable easier, faster threat detection and containment by empowering users to assign risk scores to any data.

Splunk, a provider of software that helps organizations gather and make use of machine data from a diverse set of sources, has released the latest version of the Splunk App for Enterprise Security.

Now in Version 3.1, the company has introduced a new risk scoring framework to enable easier, faster threat detection and containment by empowering users to assign risk scores to any data.

The app also includes new features to help users connect and visualize data on the fly and introduces guided search to make security analytics more accessible to a broad range of users without requiring knowledge of programming languages or command syntax, San Francisco, California-based Splunk said.

Key features in version 3.1 of the Splunk App for Enterprise Security include:

Risk-based Analytics: Enhance decision-making by applying a risk score to any data through a new Risk Scoring Framework. Helps security and IT teams prioritize, triage and be alerted to threats based on risk score, while also exposing contributing factors of the risk score to all relevant teams.

Visual Investigation: Gain faster, deeper insights across all machine data by giving users the ability to visually discover relationships by creating event swim lanes that organize and correlate all data.

Guided Search Creation: Simplify complex correlation across disparate data sources by building advanced searches in a guided user interface with little or no knowledge of any programming language or command syntax.

Domain Name-based Threat Intelligence: Adding onto the integrated Threat Intelligence Framework, which deduplicates and assigns weights to threat intelligence feeds, security teams can now integrate high-fidelity and complex URLs and domain names.

Advertisement. Scroll to continue reading.

“Adapting quickly to new attack techniques is the key for modern cybersecurity warriors, and the new version of the Splunk App for Enterprise Security was built specifically to help organizations remain agile in this dynamic landscape of zero-day and previously unknown attacks,” said Haiyan Song, vice president of security markets at Splunk. “Risk scoring provides prioritization beyond just event data to help security teams transform security analytics by identifying the most critical threats from the massive streams of data surrounding them. We believe the app will have a profound impact on the threat detection capabilities of organizations around the world.”

Version 3.1 of the Splunk App for Enterprise Security requires version 6.x of Splunk Enterprise and existing Splunk customers who have purchased the app can download version 3.1 of the Splunk App for Enterprise Security on Splunk Apps.

According to Splunk, more than 7,400 customers use its software, including government agencies, universities and service providers in over 90 countries.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history.