Global Threat Intelligence Provider Enables Splunk Customers to Conduct Comprehensive Investigations with Bidirectional Threat Intelligence Integration
IntSights, the threat intelligence company focused on enabling enterprises to Defend Forward™, announced today the availability of the new certified IntSights Application for Splunk. This partnership between the market’s only all-in-one External Threat Protection Suite, IntSights, and Splunk, provider of the Data-to-Everything® Platform, empowers joint customers to seamlessly access enterprise-specific threat intelligence from IntSights directly within existing Splunk deployments.
Effective cyber defense extends beyond the corporate perimeter. Understanding how, when, and where attacks are likely to strike is critical. When organizations augment SIEM solutions with integrated threat intelligence, they can proactively defend and neutralize threats at the source.
The new IntSights App for Splunk introduces a revolutionary approach for connecting threat intelligence from multiple sources across the clear, deep, and dark web with a customer’s Splunk environment. The IntSights app is a unique bidirectional integration that correlates, enriches, and manages organization-specific vulnerabilities, and offers the ability to easily conduct comprehensive IntSights-driven investigations… all within Splunk.
Read More: Realizing Enterprise threat visibility versus real-time operational issues
“With this robust app, security teams can directly access IntSights-enriched IOCs from within their Splunk environment. This gives those on the front line vital real-time context for informed and prioritized risk management,” noted Yaron Paryanty, VP of Product Management at IntSights.
IntSights for Splunk enables SOC teams to:
- Expand real-time visibility of threat actors and malware targeting the enterprise’s digital assets
- Generate automatic alerts for relevant active indicators in an organization’s network environment
- Seamlessly conduct advanced IntSights investigations from within the app
- Accelerate informed decision-making and automate incident response
- Instantly identify and rapidly remediate critical threats before business impact
Read More: Vulnerability Management – Addressing the Need and the Challenges
Download the IntSights App for Splunk, which can be installed either in the cloud or on-prem for both Splunk Enterprise and Splunk Enterprise Security (ES). For additional information, watch the IntSights for Splunk demo.
Stay tuned for additional enhancements to the IntSights App for Splunk. In the near future, mutual customers will be able to continuously access IntSights organization-specific threat alerts and risk-scored CVEs from within their Splunk