The new offerings are aimed at integrating security data across multiple on-prem and cloud environments and vendors to improve cybersecurity decision-making, the company says.
Data analytics and cybersecurity platform provider Splunk announced Tuesday Splunk Security Cloud, a cloud-based security operations platform that integrates analytics, automated security operations and threat intelligence.
"At Splunk, we believe security is a data problem and data drives better decisions, providing the foundation for security analytics," Sendur Sellakumar, Splunk's chief product officer, said in a press release.
Security Cloud comes in Standard and Plus editions. According to Splunk's product brief, both editions:
- Use by-the-device pricing vs. data ingest pricing
- Correlate data across security tools
- Apply prescriptive detections and guidance to detect threats faster
- Align detections to industry standard frameworks like MITRE ATT&CK
- Use automation to improve time-to-detection, investigation and response times
The Plus edition:
- Integrates threat intelligence into customers' operations to improve threat hunting
- Helps with root cause analytics using pre-built frameworks and risk scoring
Neither edition comes with security orchestration, automation and response (SOAR) capabilities as standard, but they can be added.
"Splunk Security Cloud combines advanced security analytics, streamlined security operations and an open and thriving ecosystem, bringing together Splunk's and our partners' industry leading security solutions to help our customers securely embrace digital transformation and SOC [security operations center] modernization," Jane Wong, Splunk's vice president of product management, security, said in a press release.
Splunk has over 2,500 partners, and its automation ecosystem includes over 300 third-party integrations that support more than 2,000 operations actions, the company said. These integrations allow customers to correlate data across different security tools.
Splunk also announced Splunk Security Analytics for AWS, a new, simplified security offering for small security teams managing AWS cloud environments. Security Analytics for AWS is scheduled to be available on AWS Marketplace on June 29.
Splunk Security Cloud and Security products are available today in the United States and will be available in APAC and EMEA in the future.
"Security buyers today value a platform that integrates traditionally separate tools for advanced behavioral analytics, threat intelligence and SOAR; all delivered in the cloud that is easy-to-buy and easy-to-use," Jon Oltsik, senior principal analyst and fellow at the Enterprise Strategy Group, said in the Splunk press release about the new offerings. "Splunk has made great strides over the past year in bringing together their security solutions on a single cloud platform under one pricing model, helping customers manage high-volume actionable data for security teams in real-time."