Splunk Enterprise makes it simple to collect, analyze and act upon the untapped value of the big data generated by your technology infrastructure, security systems and business applications—giving you the insights to drive operational performance and business results.
Splunk Enterprise Security (ES) is a SIEM that provides insight into machine data generated from security technologies such as network, endpoint, access, malware, vulnerability and identity information. It enables security teams to quickly detect and respond to internal and external attacks to simplify threat management while minimizing risk and safeguarding your business. Splunk Enterprise Security streamlines all aspects of security operations and is suitable for organizations of all sizes and expertise.
Whether deployed for continuous real-time monitoring, rapid incident response, a security operations center (SOC), or for executives who need a view of business risk, Splunk ES delivers the flexibility to customize correlation searches, alerts, reports and dashboards to fit specific needs.
The Splunk App for Microsoft Exchange consumes logs from your Microsoft Exchange systems to give you deep visibility into the health and performance of your Microsoft Exchange environment; from Edge and Hub Transport servers to the Client Access servers and the Mailbox Store itself.
The result is a single view of your entire service infrastructure—available from a single location. This comprehensive visibility helps you to discover and resolve problems quickly and avoid service degradation and downtime.
The Splunk App for VMware provides deep operational visibility into granular performance metrics, logs, tasks, events and topology from hosts, virtual machines and virtual centers. It empowers administrators with an accurate real-time picture of the health of the environment, proactively identifying performance and capacity bottlenecks.
The latest release of the Splunk App for VMware provides enhanced visibility into the storage tier including built-in correlation and direct drill-downs into NetApp Data ONTAP storage systems. The results are holistic visibility, comprehensive analytics and faster problem resolution.
The Splunk App for PCI Compliance provides continuous monitoring of all relevant PCI DSS requirements, efficient workflows for audit trails and incident reviews, and reports to measure the overall effectiveness and status of PCI technical controls. It also enables the quick resolution of auditor data requests.
Splunk IT Service Intelligence is a next-generation monitoring and analytics solution that uses machine learning and event analytics to simplify operations, prioritize problem resolution and align IT with the business.
Modern-day threats are driven either by external attackers or by malicious insiders. The latter are hard to detect since traditional security products don’t focus on behavior, and sophisticated external attacks rely on new techniques and extended dormant timelines. To remedy this, next-generation security tools must analyze trillions of events over extended periods of time and employ a new detection philosophy based on behavior modeling and peer group analytics rather than a rule- or signature-driven approach.
Splunk UBA is an out-of-the-box solution built on a big data (Hadoop) platform that helps organizations find known, unknown and hidden threats. It uses a data-science-driven approach that produces actionable results with risk ratings and supporting evidence so SOC analysts and hunters can quickly respond to and investigate threats.