Splunk App for Enterprise Security
The Splunk App for Enterprise Security helps customers identify and address emerging security threats through the use of continuous monitoring, alerting and analytics. Suitable for a small security team or an enterprise security operations center, the app is the primary data interface for the analytics-enabled security operation.
* Situational awareness dashboards give custom views of risk per domain, asset, or identity
* Incident Review provides analysis workflows that reveal the priority of the incident, incident context, and impact on assets and identities
* Analysis centers provide indicators of unknown threats from traffic abnormalities
* Correlation tools enable monitoring for new attackers by correlating new domain registration with web activity
* Statistical outlier detection tools aid anomaly detection
* Unified Threat Intelligence from many sources
* Data inputs provided for NetFlow, logs, RDBMS, APIs, & more
Hurricane Labs Add-On for Nessus
The Hurricane Labs Add-On for Nessus is a Splunk Technology Add-On by Hurricane Labs for pulling vulnerability scan data from the Nessus API and indexing the data in a Splunk-compatible JSON format. Additionally, a nightly job will configure a lookup table to provide additional contextual information for the Nessus plugins. Nessus is the property and registered trademark of Tenable Network Security. This add-on is not written, endorsed or supported by, or affiliated with, Tenable Network Security in any way.
Splunk DB Connect
Real-time integration between Splunk Enterprise and relational databases--now with improved access control and support for IBM DB2 and SAP Sybase. Splunk DB Connect delivers reliable, scalable, real-time integration between Splunk Enterprise and relational databases. Integrate structured data from relational databases with data in Splunk Enterprise to drive deeper levels of analysis and operational intelligence.