ARLINGTON, Va.–(BUSINESS WIRE)–ThreatConnect, Inc.®, creator of the most widely adopted Threat Intelligence Platform (TIP), today announced the availability of the ThreatConnect App for Splunk. This new application gives joint customers the ability to operationalize the ThreatConnect threat intelligence that is integrated with Splunk® Enterprise.
“Businesses today are struggling with operationalizing their threat intelligence. The ThreatConnect App for Splunk allows our customers to make smart business decisions, and act on their internally and externally sourced threat intelligence more effectively”
ThreatConnect aggregates and curates threat intelligence from multiple sources, and makes this intelligence actionable in Splunk Enterprise in order to better identify and mitigate threats targeting organizations. ThreatConnect customers can now take advantage of those abilities so teams can conduct real-time analysis, correlate indicators, visualize threats, and set up alerts. With the application’s unique Diamond Dashboard, users can query for intelligence on a specific threat group, organize it per the Diamond Model for Intrusion Analysis and also highlight any observances of that threat in their network. The application provides further details and analysis that can be applied to workflows, logs, and more.
“Businesses today are struggling with operationalizing their threat intelligence. The ThreatConnect App for Splunk allows our customers to make smart business decisions, and act on their internally and externally sourced threat intelligence more effectively,” said Andy Pendergast, VP of Product. “We are excited to have built such a powerful application that also allows businesses to determine which threat intelligence feeds actually provide relevant intelligence for their particular business and security infrastructure.”
Key features of the ThreatConnect App for Splunk:
- Operationalize intelligence of a Threat with complete Diamond Model representations and matches from your environment on a single dashboard.
- Multi-source threat intelligence collection
- Transparent threat intelligence aggregated, confidence weighted, and applied to trigger Splunk alerts
- Automated threat intelligence indicator updates
- Prioritized events based on criticality and confidence scores relationships to known threat types and groups, past incidents and tags
- High-level dashboards with details on matches from indicators organized by indicator type, criticality, associations and other criteria
To learn more about the ThreatConnect App for Splunk, please visit our link here www.splunkbase.com
ThreatConnect, Inc. is the leading provider of advanced threat intelligence products and services including ThreatConnect®, the most comprehensive Threat Intelligence Platform (TIP) on the market. ThreatConnect delivers a single platform in the cloud and on-premises to effectively aggregate, analyze, and act to counter sophisticated cyber-attacks. Leveraging advanced analytics capabilities ThreatConnect offers a superior understanding of relevant cyber threats to business operations. To learn more about ThreatConnect, visit: www.threatconnect.com.
Splunk is a trademark or registered trademark of Splunk Inc. in the United States and other countries.