Splunk Enterprise Security 4.0, Splunk UBA and the Splunk App for PCI Compliance 3.0 Now Generally Available
- By : Editor
- In : News
- Comments : Comments Off on Splunk Enterprise Security 4.0, Splunk UBA and the Splunk App for PCI Compliance 3.0 Now Generally Available
Splunk Enterprise Security and Splunk UBA Are a Leap Forward in Detecting and Responding Throughout the Lifecycle of Security Attacks
Splunk Inc, provider of the leading software platform for real-time Operational Intelligence, today announced the general availability of Splunk Enterprise Security 4.0 (ES), Splunk User Behavior Analytics (UBA) and the Splunk App for PCI Compliance 3.0. Splunk® ES includes major updates to help organizations track attackers’ actions with streamlined ad hoc analyses and event sequencing. Splunk UBA delivers out-of-the-box capabilities driven by machine learning and advanced analytics to help detect cyberattacks and insider threats. The Splunk App for PCI Compliance helps organizations verify their compliance to the Payment Card Industry Data Security Standards (PCI DSS).
“Splunk is the nerve center for security, enabling our customers to detect, understand and take rapid, coordinated action across the organization,” said Haiyan Song, senior vice president of security markets, Splunk. “Splunk Enterprise Security lets analysts visually correlate events over time and better communicate details of multi-stage attacks. Splunk UBA uses machine learning to help spot the most dangerous offenders. Together, they create a powerful defense that is further strengthened by hundreds of security apps available to Splunk customers on Splunkbase.”
Splunk ES Helps Organizations Detect, Scope and Respond to Advanced Attacks
Splunk ES 4.0 tackles multi-stage attacks with improved breach detection and response as well as improved collaboration through an extensible analytics framework. New features and benefits include:
– Investigator Journal keeps track of ad hoc searches and activities to streamline analysis of multi-stage attacks associated with breach detection and response.
– Investigator Timeline allows individual analysts to place any event, activity or annotation within a visual timeline to better understand and communicate the cause and effect of events and the details of advanced multi-stage attacks.
– Investigator Timeline also allows different security team members to place events, actions and annotations onto the visual timeline to share their analysis and understanding of the scenario to collaboratively investigate incidents, problems and breaches.
– Enterprise Security Framework allows customers, vendors and third parties to create, access and extend ES functionality with their own apps that can run within ES and utilize features such as the alert management, risk scoring, threat intelligence, and identity and asset frameworks.
Learn more about Splunk ES 4.0 on the Splunk website. Splunk ES 4.0 requires Splunk Cloud or Splunk Enterprise version 6.3.x.
Splunk UBA Adds a New Layer of Defense
Splunk UBA uses unsupervised machine learning, multi-entity behavior baselines, peer group analytics and advanced correlations to improve detection of cyber-attacks and insider threats. Benefits include:
– Helps detect anomalous behavior by users, devices and other entities within the enterprise, and then discover and combine patterns of anomalies into specific, actionable threats.
– Increases security analysts’ effectiveness by helping them to focus upon meaningful threats and malicious activities using kill chain visualizations.
– Operationalizes security through integration with the larger family of Splunk products, including rapid analysis of data from Splunk Enterprise and automatic creation of alerts in Splunk ES 4.0 for easy to manage incident response.
Learn more about Splunk UBA on the Splunk website.
Splunk App for PCI Compliance Measures the Effectiveness of PCI
Splunk App for PCI Compliance 3.0 is designed to help organizations verify their PCI compliance posture by reviewing and measuring the effectiveness and status of their technical controls. It can also identify and prioritize any control areas that need attention and lets organizations quickly address auditor requirements. Features include:
– New reports and searches covering the PCI DSS 3.1 standard.
– Updated user interface and additional technology add-ons.
– Built on the Enterprise Security Framework to take advantage of the alert management, risk scoring, threat intelligence, and identity and asset frameworks.
Learn more about the Splunk App for PCI Compliance on Splunkbase.