'

Splunk adds more machine learning, analytics to security detection tools

Splunk added features and integration between User Behavior Analytics (UBA) 2.2 and Splunk Enterprise Security 4.1.

Splunk on Tuesday outlined updates to its User Behavior Analytics and Enterprise Security software to add machine learning, anomaly detection and enhanced correlation and investigation tools.

User Behavior Analytics (UBA) 2.2 and Splunk Enterprise Security 4.1 will be generally available in April. The two packages can be used together or alone. The overall idea is to enable Splunk Enterprise Security to ingest the behavioral anomalies found by User Behavior Analytics.

The updates come as Splunk has notched a few security wins of late. The company landed a large deal with Verizon on Feb. 23. Verizon Enterprise Solutions and Splunk announced a partnership to bring analytics and predictive threat detection to enterprises as a managed service. Splunk's technology will enable Verizon's security services.

Among the key points for the UBA and Enterprise Security updates:

  • UBA machine learning technology will be available throughout Enterprise Security with modeling.
  • The flow of data from UBA to Enterprise Security will be integrated into incident response.
  • More context about user, device and application anomalies in Splunk.
  • Risk scores and customized threat detection are available.