Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Splunk Query Engine Drives Productivity and Security Gains

DZone's Guide to

Splunk Query Engine Drives Productivity and Security Gains

Security operations centers can now have unprecedented visibility and context from Splunk log data.

· Big Data Zone
Free Resource

Need to build an application around your data? Learn more about dataflow programming for rapid development and greater creativity. 

Siemplify™ today announced the introduction of its Splunk Query Engine for the company’s ThreatNexus™ end-to-end security operations platform. The new query engine enables security operations center (SOC) teams to upgrade the full scope of their security functionality, driving immediate productivity and security gains.  It allows for centralized management, creation, control and scheduled execution of Splunk queries. The query engine creates an easily installed, comprehensive SOC solution layered upon an organization's Splunk deployment.

“Our customers with existing Splunk deployments are being challenged when asked to deliver security monitoring and incident response capabilities,” said Siemplify CEO Amos Stern. “While having a powerful data platform, they lack the capabilities to support a full security practice. By applying ThreatNexus to an existing Splunk deployment, security teams gain instant SOC and IR capabilities, from case management and visualization, to hunting, automation and reporting.”

The ThreatNexus Splunk Query Engine allows security operation centers to:

●      Fuse Splunk log data with other security tools and data sources into a real-time, contextualized graph and achieve the full scope of ThreatNexus functionality.

●      Centrally create, import and manage the execution of queries to support use-cases most relevant to the organization.

●      Transform static log data from Splunk into actionable intelligence, driving increased ROI from legacy security investments in Splunk and other systems.

●      Leverage existing Splunk deployments, with or without Splunk Enterprise Security.

The combination of integrated query capability with ThreatNexus case management, automation, investigation, reporting and integrated Threat Intelligence delivers a complete SOC solution out of the box.

Check out the Exaptive data application Studio. Technology agnostic. No glue code. Use what you know and rely on the community for what you don't. Try the community version.

Topics:
security operations center ,splunk ,threat intelligence ,Splunk log data

Opinions expressed by DZone contributors are their own.

THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}