Splunk Enterprise Security Intelligence Solution Released
Splunk Inc. has released its Enterprise Security Intelligence Solution, which consists of the Splunk App for Enterprise Security 2.0 and Splunk Enterprise 4.3 – the company’s flagship software for collecting, indexing and harnessing machine data.
According to the announcement, Splunk Enterprise provides visibility into a broad range of IT events, including those beyond the purview of traditional solutions. Splunk’s big data engine lets customers see threats hidden as patterns in terabytes of normal user-credentialed activities that can indicate the presence of advanced malware or a malicious insider. Splunk Enterprise, combined with the core Splunk engine, delivers a next-generation security solution for monitoring known threats, support for forensic investigations, big data analytics to identify advanced threats, and dashboards for managing investigation workflows.
The new Splunk App for Enterprise Security 2.0 builds upon the innovation of previous product releases, adding many benefits, including: Real-time Event Correlation, whereby searches and alerts drive continuous monitoring of critical assets to members of the security team, and Dashboards, which provide visualization of more than 100 security metrics and 160 reports. With the drill-down feature, users can access raw data in a single click and move across the raw data types to follow an investigation wherever it leads. Version 2.0 also provides enhanced incident management, letting customers reprioritize and reassign security events for quick resolution and incident response.
Splunk App for Enterprise Security 2.0 is available to current customers for immediate download.