Turning Splunk data into pre-emptive breach detection
In case you haven't heard of it, Splunk is one of the most popular machine data analytics tools, used to provide early warning of network and system issues.
IT teams often rely on access to this data for security information and event management (SIEM), but as malware becomes more sophisticated, it can be difficult to spot what's important in time to prevent major breaches.
Breach detection specialist TaaSera is launching NetTrust for Splunk, which allows users to integrate NetTrust's preemptive breach detection solution into Splunk-based security management applications.
"Splunk is one of the most widely used analytics platforms on the market today and is becoming increasingly popular for cybersecurity purposes as a SIEM. But when malware is increasingly able to avoid leaving traces in logs, critical IOCs and similar pre-breach behaviors can go unrecognized by SIEMs allowing dangerous and malicious activity to go undetected within a network’s perimeter," says Ivan Shefrin, Vice President of Security Solutions at TaaSera. "With many of TaaSera’s customers invested in Splunk, we are ensuring that they have access to the best possible data and analytics necessary to act in time before sensitive information, business continuity and reputations suffer due to data breaches".
NetTrust uses patented 'Threat DNA' mapping technology to identify otherwise hidden network behaviors at run time and continuously analyze behavioral and contextual evidence. At the same time it integrates tightly within Splunk Enterprise 6.1 and 6.2. It gives users access to real-time visualizations of network systems at the greatest risk, along with the ability to identify the precise indicators of compromise (IOCs), in the right context and at the right time. This allows it to provide a more actionable early warning system for breach containment and response.
NetTrust for Splunk is available now. More information and downloads can be found on the TaaSera website.
Image Credit: Balefire / Shutterstock