Splunk has launched a new app for enterprise security which allows security professionals to stalk cyberattackers with new visualisation technology.
The new visualisation app, version 3.0 of the Splunk App for Enterprise Security, enables advanced threat detection, resulting in a significant reduction in the time to incident discovery and response.
It also includes a new threat intelligence framework, support for new data types, data models and pivot interface.
Splunk chief marketing officer, Steve Sommer, said the new app helped security professionals connect the dots to catch cyberattackers, watching their every step by enabling customers to monitor all data and see potentially malicious activity patterns.
“The new visualisations enable both Splunk power users and newcomers to perform complex actions needed to find and report on data anomalies and outliers,” he said.
“The threat intelligence framework in the Splunk App for Security delivers something security information and event management (SIEM) systems do not - all threat feeds in a single view with de-duplicated threat information.
“These new enhancements can create tremendous efficiencies for security teams whose number one goal is to identify and react to threats in as little time as possible.”
451 Research senior security analyst Adrian Sanabria said the app provided the flexibility and customisation necessary for an incident responder, security professional or SOC to pull the information they need to the surface quickly.
“Researching a security incident is stressful enough - being able to identify threats through a simple point-and-click interface and easily create alerts is essential,” he said.
“The Splunk App for Enterprise Security helps the security professional work incidents and perhaps discover the source of an intrusion in as little time as possible.”