Machine data is critical for any enterprise: it comprises configuration data, data from APIs and message queues, change events, the output of diagnostic commands and more. This data is essential for identifying problematic trends caused by security threats that lurk within that information.
In an effort to address known and unknown threats, Splunk, a provider of software for real-time operational intelligence, has rolled out its Enterprise Security Intelligence Solution, comprising the Splunk App for Enterprise Security 2.0 and Splunk Enterprise 4.3.
Splunk Enterprise 4.3, which is part of the company’s Enterprise Security Intelligence Solution, is software for collecting, indexing and harnessing machine data. Leveraging Splunk’s big-data engine, it can provide visibility into a broad range of IT events, including those that are beyond the purview of traditional security solutions but are increasingly security-relevant, according to a press release.
The Splunk Enterprise software helps users gain operational intelligence that deepens business understanding, improves service and uptime, reduces cost and mitigates cybersecurity risk.
As a provider of an engine for machine data, Splunk offers software that collects, indexes and harnesses the massive machine data continuously generated by the websites, applications, servers, networks and mobile devices that power business. It enables organizations to monitor, search, analyze, visualize, and act on massive streams of real-time and historical machine data.
The latest Splunk Enterprise version 4.3 now features: mobility, with a new non-Flash UI that delivers the power of Splunk anywhere; easier-to-use dashboards; up to 10 times more concurrent users and 10 times faster search; data preview and support for more complex security policies; and more.
Apart from the latest version of Splunk Enterprise, the Splunk Enterprise Security Intelligence Solution also includes the Splunk App for Enterprise Security 2.0.
The new Splunk App for Enterprise Security 2.0 delivers a next-generation security solution for monitoring known threats, support for forensic investigations, big data analytics to help identify advanced persistent threats, and dashboards for security posture and investigation workflows.
“The Splunk App for Enterprise Security, together with core Splunk and other community-supported apps available through SplunkBase, continue to provide a flexible solution of security metrics and dashboards that support views of our total enterprise risk,” said Dan Frye, Associate Vice President, Corporate Security, CedarCrestone, Inc., in a press release.
Available to current Splunk customers for immediate download, the new Splunk App for Enterprise Security 2.0 also provides real-time event correlation, visualizations of security data, access to raw data, and enhanced incident management.
“Customers who use Splunk Enterprise to monitor and analyze machine data to gain insights into their operations in real-time can use the Splunk App for Enterprise Security to monitor, identify, investigate and respond to critical known and unknown security threats,” said Senior Vice President of Solutions for Splunk, Christina Noren, in a press release.