Splunk App for Enterprise Security
The Splunk App for Enterprise Security is a next-generation security intelligence platform that addresses SIEM (Security Information and Event Management)use cases by providing pre-packaged dashboards, reports, incident response workflows, analytics and correlations. It also provides out-of-the-box support or the most common security data sources including network security, endpoint solutions, malware and payload analysis, network and wire data, identity and asset management systems, and threat intelligence to accelerate deployment and adoption.
Splunk App for Enterprise Security includes:
- Library of security - and risk-based KPIs and KSIs to use in any combination within dashboards and monitors to streamline security operations.
- Incident review dashboards and workflow actions that enable users to drill down of pivot on any piece of data to rapidly understand the priority, impact and context or any activity.
- End-to-end visibility with direct access across all data and security domains including user/asset, network, endpoint, access, threat intelligence and wire data technologies.