Siemplify has announced the introduction of its Splunk Query Engine for the company’s ThreatNexus security operations platform. The new query engine will enable security operations center (SOC) teams to “upgrade the full scope of their security functionality, driving immediate productivity and security gains,” according to a release.
The update allows for centralized management, creation, control and scheduled execution of Splunk queries. The query engine creates an easily installed, comprehensive SOC solution layered upon an organization’s Splunk deployment.
“Our customers with existing Splunk deployments are being challenged when asked to deliver security monitoring and incident response capabilities,” said Siemplify CEO Amos Stern. “While having a powerful data platform, they lack the capabilities to support a full security practice. By applying ThreatNexus to an existing Splunk deployment, security teams gain instant SOC and IR capabilities, from case management and visualization, to hunting, automation and reporting.”
The ThreatNexus Splunk Query Engine allows security operation centers to:
- Fuse Splunk log data with other security tools and data sources into a real-time, contextualized graph and achieve the full scope of ThreatNexus functionality.
- Centrally create, import and manage the execution of queries to support use-cases most relevant to the organization.
- Transform static log data from Splunk into actionable intelligence, driving increased ROI from legacy security investments in Splunk and other systems.
- Leverage existing Splunk deployments, with or without Splunk Enterprise Security.