Playbook Fridays: New ThreatConnect App for Splunk 3.1

Splunk Users Can Now Launch Playbooks Directly from Splunk With ThreatConnect App Updates

Earlier this week, the latest ThreatConnect App for Splunk (v3.1) was released to Splunkbase. This release for Splunk is all about taking action and enabling our customers to fully leverage the power of the ThreatConnect Platform while working directly inside Splunk or Splunk Enterprise Security. This is a big release for us, and one in which Splunk users will see a lot of benefit.

Launch Playbooks Directly from Splunk
The ThreatConnect App for Splunk has always provided Splunk users the ability to leverage customizable threat intelligence integrated into Splunk from their ThreatConnect accounts. Now, as seen in Figure 1 below, you can launch ThreatConnect Playbooks directly from the Splunk interface.

Figure 1: Launch a ThreatConnect Playbook directly from the Splunk interface

 

Manage Downloading and Configuration of Playbook Workflow Actions
Directly from the ThreatConnect App Dashboard, you’ll now see a Playbooks option in the navigation (Figure 2). This is where you can manage the downloading and configuration of Playbooks from ThreatConnect, and the configuration of Playbook Workflow Actions all without worrying about logging into a separate Platform or interface.

Figure 2: ThreatConnect Dashboard view from within Splunk

 

Make Faster Decisions with Automation and Orchestration
What’s this mean? Well, now Playbook Actions can be leveraged right from the Event Triage Dashboard, as part of Enterprise Security Adaptive Response, and as a part of Workflow Actions on Events. Integrate threat intelligence into response efforts while tying your technologies together to orchestrate decision making based on Events happening in Splunk.

For more information, reach out to sales@threatconnect.com for a demo. If you’re a current customer, please reach out to your designated Customer Success team for details.

About the Author
Megan Horner

Megan Horner is the Director of Product Marketing at ThreatConnect. Working closely with the Product, Sales, and Marketing teams, Megan ensures an effective Go To Market strategy is in place. She has experience working for vendors of all sizes across numerous cybersecurity disciplines. Outside of work, Megan enjoys spending time with her son and their mini-bulldog, Otis.