With the app's risk scoring framework, enterprise security personnel can assign risk scores to any data, detect a threat faster, and contain it.
Users can visualize and connect data, and the app's guided search makes security analytics accessible to a wider range of users without requiring programming knowledge or command syntax.
Splunk customers can download version 3.1 of the app.
“Adapting quickly to new attack techniques is the key for modern cyber security warriors, and the new version of the Splunk App for Enterprise Security was built specifically to help organizations remain agile in this dynamic landscape of zero-day and previously unknown attacks,” said Haiyan Song, VP, security markets, Splunk, in a press release. “Risk scoring provides prioritization beyond just event data to help security teams transform security analytics by identifying the most critical threats from the massive streams of data surrounding them. We believe the app will have a profound impact on the threat detection capabilities of organizations around the world.”
The app's main features include risk-based analytics, visual investigation, and domain name-based threat intelligence, through which complex correlations can be simplified and teams can integrate high-fidelity complex URLs to assign weights to threat intelligence feeds.
Splunk’s enterprise security app version 3.1 requires version 6.x of Splunk Enterprise.