Siemplify Introduces Splunk Query Engine to Drive Productivity and Security Gains

siemplify_screenSiemplify has announced the introduction of its Splunk Query Engine for the company’s ThreatNexus security operations platform. The new query engine will enable security operations center (SOC) teams to “upgrade the full scope of their security functionality, driving immediate productivity and security gains,” according to a release.

The update allows for centralized management, creation, control and scheduled execution of Splunk queries. The query engine creates an easily installed, comprehensive SOC solution layered upon an organization’s Splunk deployment.

“Our customers with existing Splunk deployments are being challenged when asked to deliver security monitoring and incident response capabilities,” said Siemplify CEO Amos Stern. “While having a powerful data platform, they lack the capabilities to support a full security practice. By applying ThreatNexus to an existing Splunk deployment, security teams gain instant SOC and IR capabilities, from case management and visualization, to hunting, automation and reporting.”

The ThreatNexus Splunk Query Engine allows security operation centers to:

  • Fuse Splunk log data with other security tools and data sources into a real-time, contextualized graph and achieve the full scope of ThreatNexus functionality.
  • Centrally create, import and manage the execution of queries to support use-cases most relevant to the organization.
  • Transform static log data from Splunk into actionable intelligence, driving increased ROI from legacy security investments in Splunk and other systems.
  • Leverage existing Splunk deployments, with our without Splunk Enterprise Security.

Widget not in any sidebars
Jeff Edwards
Follow Jeff

Leave a Reply

Your email address will not be published. Required fields are marked *