SAN FRANCISCO--(BUSINESS WIRE)--The need and adoption of security analytics solutions for today’s security operations are driving remarkable growth at Splunk Inc. (NASDAQ: SPLK), provider of the leading software platform for real-time Operational Intelligence. The Splunk® App for Enterprise Security doubled its customer base in fiscal year 2015 and today Splunk announced that a new release of the award-winning product will be generally available (GA) on April 30. The latest version of the app introduces new capabilities for rapid threat detection and response – speeding the time it takes to detect advanced threats and malicious insiders.
Today, Splunk also announced that SAIC is boosting its security analytics with the Splunk App for Enterprise Security. Jonathan Jowers, chief information security officer, SAIC, will be presenting at RSA Conference 2015 on Wednesday, April 22, 2:50 p.m. PT in the North Hall Briefing Center. Other leading organizations relying on Splunk software for security include 1-800-FLOWERS.COM, Adobe, Banco BPI, Beth Israel Deaconess Medical Center, Equinix, Nordstrom and Republic Services. Splunk was named a Leader in the 2014 Gartner Magic Quadrant for Security Information and Event Management (SIEM) and Splunk customers routinely win awards for their groundbreaking work. Blue Cross Blue Shield of IL, TX, NM, MT, OK was named a winner of the CSO50 2015, which recognizes security projects and initiatives that demonstrate outstanding business value and thought leadership.
“The world’s leading security teams are standardizing on Splunk software as their security nerve center to quickly detect, respond and take action when an incident, compromise or breach occurs,” said Haiyan Song, senior vice president of security markets, Splunk. “The new Splunk App for Enterprise Security furthers this with STIX/TAXII and OpenIOC integrations, app content sharing and expanded user activity monitoring. These new capabilities help security teams more effectively detect threats and collaborate internally and across their industry.”
“The research we’ve done confirms STIX/TAXII and OpenIOC integration enables access to critical sources of information that provide value to detecting and blocking advanced attacks,” said Jon Oltsik, senior principal analyst, Enterprise Strategy Group. “Splunk’s threat intelligence enhancements align with the demands we’re hearing from customers.”
The new features in the latest version of the Splunk App for Enterprise Security include:
Faster Detection of Advanced Threats using Threat Intelligence
- Integration with STIX/TAXII and OpenIOC allows customers in public and private sectors to access threat intelligence using emerging industry specifications.
- Expanding the scope of threat intelligence beyond IP address, domains and files to include identity, process, services, registry keys, applications, network protocol headers and certificate information in order to provide additional context and intelligence to better detect known and unknown malicious activity.
- Automatically act on threat intelligence by matching new Indicator of Compromise (IOC) to all data in Splunk to identify unknown threats, as well as to allow customers to take rapid actions to investigate and mitigate these threats.
Better Detection of Malicious User Activity
- User activity-centric dashboards and visualizations provide out-of-the-box analytics and investigation capabilities to identify suspicious, high-risk user activities and authentication behavior of a malicious insider or an advanced threat that is using legitimate credentials.
- Identify potential data theft scenarios by analyzing emails and web activity through protocol intelligence. Unusual activity for email and web is detected when user behavior deviates from the peer group – for example, emails to non-corporate domains or uploads to file sharing sites.
Further Enhance Collaboration and Security Operations
- Content export allows customers to collaborate and share app content such as correlation searches, reports and dashboards with other users of the Splunk App for Enterprise Security whether they are in another department or another organization.
- Workflow automation assigns and notifies an analyst of a notable event based on type or urgency, as well as add context with hyperlinks to automate standard operating procedures.
- Deployment Performance Monitor allows administrators to easily monitor the health and performance of the Splunk App for Enterprise Security to ensure continuity of security operations.
Splunk customers who have purchased the app can download version 3.3 of the Splunk App for Enterprise Security on Splunkbase on Thursday, April 30. New users can contact Splunk sales. Please visit the Splunk website for more information about Splunk App for Enterprise Security.
$100,000 Splunk Apptitude App Contest Announced at RSA Conference 2015*
Splunk is now accepting submissions for its second Splunk Apptitude App Contest for new apps that work with the Splunk platform. Winners will be selected in three categories; Innovation, Social Impact and Fraud/Insider Threats. The first-place winning submission in the fraud or insider threats category will win a $100,000 prize. The Innovation and Social Impact first-place winners will also receive $20,000 and $30,000 respectively in prizes. Click here to read the Splunk Apptitude App Contest blog to learn more.
Don’t miss Monzy Merza, chief security evangelist, Splunk, presenting the RSA crowdsource session, “Active Response: Automated risk reduction, or manual action?” on Thursday, April 23, 8:00 a.m. PT in the North Hall, room 133. Visit the Splunk booth in the North Hall (#3321) at RSA Conference 2015 to learn what Splunk can do for your organization, and watch an in-booth theater sessions covering Splunk for Security every 30 minutes.
About Splunk Inc.
Splunk Inc. (NASDAQ: SPLK) provides the leading software platform for real-time Operational Intelligence. Splunk® software and cloud services enable organizations to search, monitor, analyze and visualize machine-generated big data coming from websites, applications, servers, networks, sensors and mobile devices. More than 9,000 enterprises, government agencies, universities and service providers in more than 100 countries use Splunk software to deepen business and customer understanding, mitigate cybersecurity risk, prevent fraud, improve service performance and reduce cost. Splunk products include Splunk® Enterprise, Splunk Cloud™, Hunk®, Splunk Light™, Splunk MINT and premium Splunk Apps. To learn more, please visit http://www.splunk.com/company.
Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Hunk, Splunk Cloud, Splunk Light, Splunk Storm, SPL and Splunk MINT are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2015 Splunk Inc. All rights reserved.
*NO PURCHASE NECESSARY. Ends 7/20/15 @ 12:00:00a.m. PT. Subject to OFFICIAL RULES. See rules for eligibility and entry requirements.