Splunk Enterprise Security (ES) is a SIEM that provides insight into machine data generated from security technologies such as network, endpoint, access, malware, vulnerability and identity information.
• Gain comprehensive security analytics from security and non-security data sources
• Streamline advanced threat investigations using kill chain methodology
• Speed up incident analysis with fast time-to-answer and proactive threat hunting
• Use machine learning-based advanced analytics for rapid anomaly and threat detection, and to mitigate insider and external threats
• Use Adaptive Response to improve operational efficiency with automated and human-assisted decisions