Splunk adds risk scoring to latest Enterprise Security app

Summary: With Version 3.1 of its security app, Splunk said the IT teams of its enterprise customers gain more access to security and analytics tools.

Machine data player Splunk has released version 3.1 of its Splunk App for Enterprise Security.

The company said the latest app iteration enables faster threat detection with a new risk score feature, as well as simplified access to security analytics.

Splunk said key features of version 3.1 include guided search creation, disparate data visualization, domain name-based threat intelligence, and a new Risk Scoring Framework that helps security and IT teams prioritize and triage threats based on their risk score.

Haiyan Song, vice president of security markets for Splunk, said the app represents a step forward in providing security analytics to more roles across an enterprise's security team:

"Adapting quickly to new attack techniques is the key for modern cybersecurity warriors, and the new version of the Splunk App for Enterprise Security was built specifically to help organizations remain agile in this dynamic landscape of zero-day and previously unknown attacks. Risk scoring provides prioritization beyond just event data to help security teams transform security analytics by identifying the most critical threats from the massive streams of data surrounding them."

Topics: Apps, Big Data, Enterprise Software, Security

Talkback

1 comment
  • Extending Splunk with User Experience Data

    Splunk call themselves a machine data player, but you can extend the intelligence you get from Splunk with the Logfiller app from their Splunkbase store. This provides accurate User Experience data - logon delays, application, website and system usage and waiting times.
    simonmay