Conf24: Splunk Unleashes Enterprise Security 8.0, More
Splunk's latest innovations provide big opportunities for partners, the company says.
SPLUNK CONF24 — On day two of Conf24, Splunk unveiled new security offerings that include Enterprise Security 8.0 and a new Federated Analytics feature.
A unified threat detection, investigation and response (TDIR) solution is crucial to power the security operations center (SOC) of the future, according to Splunk. The latest offerings from the company address this need by delivering comprehensive security visibility, accurate threat detection and streamlined workflows for rapid response, ultimately saving time.
Now with Mission Control integrated, Enterprise Security 8.0 simplifies how security analysts detect, investigate and respond to threats. With standardized terminology and unified automation via Splunk Security Orchestration, Automation and Response (SOAR), Enterprise Security 8.0 expedites how security pros triage alerts, and enhances detection with advanced analytics. As a result, security analysts can access streamlined workflows and respond more quickly.
Beyond Enterprise Security 8.0
Splunk's Federated Analytics feature, available in private preview on Splunk Cloud Platform and Splunk Enterprise Security cloud deployments, introduces what the company says is a new approach to data analysis. It lets customers analyze data directly where it resides for threat hunting, and bring specific data into Splunk for frequent threat detection. By integrating with Amazon Security Lake, Federated Analytics allows businesses to detect and investigate security incidents without the need to relocate data. This capability ensures swift, context-rich data analysis and enhances operational agility, setting the stage for future expansions to additional data platforms, Splunk said.
In addition, following Cisco’s acquisition of Splunk, security teams can now access Cisco Talos threat intelligence across Splunk Attack Analyzer, Splunk Enterprise Security and Splunk SOAR for enhanced defense against known and emerging threats. Cisco Talos Threat Intelligence Group is a team composed of researchers, analysts and engineers.
Leveraging Talos’ intelligence network, Splunk customers can streamline threat detection and response processes, reducing alert fatigue and allowing security analysts to focus on critical threats. This enables quick identification and prioritization of real threats with global real-time outbreaks, contextual insights and advanced correlations, according to Splunk.
Data Management Innovations
In addition, Splunk unveiled new data management innovations that provide customers with unified visibility across their enterprise and help achieve more comprehensive data ownership. Through the new Splunk Data Management portfolio, customers can send, share and process their data across Splunk Cloud Platform and Splunk Observability Cloud.
Tom Casey, Splunk’s senior vice president and general manager of product and technology, said the age of AI requires greater resiliency.
“That requires us to drive change in our environments quickly,” he said. “We need to catch issues while they’re small so that we can focus on our work. We need to have stronger analytics that we can bring to bear so we can find new opportunities as well. All of this requires broad and deep visibility into the environments that we’re operating in, and demands efficiency and productivity from each of us. This is exactly what Splunk delivers.”