Splunk enhances its unified security and observability platform
Splunk has released innovations to Splunk’s unified security and observability platform to help build safer and more resilient digital enterprises.
Splunk’s latest innovations include enhancements to Splunk Mission Control and Splunk Observability Cloud, and the general availability of Splunk Edge Processor. With the Splunk platform, organizations can unify, simplify and modernize their workflows and business.
Strengthen digital resilience with Splunk’s unified security solution
The world of security operations is rife with challenges. Many organizations cannot achieve rapid situational awareness of a security event, let alone mount a coordinated response and quickly resolve these incidents.
The enhanced Splunk Mission Control lets security operations centers (SOC) detect, investigate and respond to threats from one modern and unified work surface.
Mission Control brings together Splunk’s security technologies that will help customers take control of their detection, investigation and response processes. Splunk’s security offerings include security analytics (Splunk Enterprise Security), automation and orchestration (Splunk SOAR), and threat intelligence capabilities.
In addition, Splunk Mission Control offers simplified security workflows with processes codified into response templates. With Splunk Mission Control, security teams can focus on mission-critical objectives, and adopt more proactive, nimble security operations. Splunk Mission Control is available to Splunk Enterprise Security Cloud customers based on technical and regional requirements.
Enhance troubleshooting and visibility with observability innovations
As organizations modernize their infrastructure, they face increased complexity and larger surface areas when troubleshooting. ITOps and DevOps teams need more visibility across their environment and require manual correlation to determine the root cause of incidents. With Splunk’s new innovations to the Observability Cloud, teams can troubleshoot faster with increased visibility and a more unified approach to incident response.
Splunk Incident Intelligence empowers teams to increase on-call team efficiency so they can diagnose, remediate, and restore services before their customers are impacted. New Autodetect capabilities from Splunk APM uses machine learning to reduce manual effort and improve the accuracy of alerts, while IM Network Explorer enables teams to easily monitor and assess their cloud network health and resolve issues quicker. All Splunk Observability Cloud innovations are now generally available.
Simplify data processing with Splunk Edge Processor
Now generally available, Splunk Edge Processor provides Splunk Cloud Platform customers with increased visibility into and control over streaming data before it leaves their network. With Edge Processor, customers can easily filter, mask and route data, experiencing improved efficiency in data transformation as powered by the next generation of Splunk Search Processing Language (SPL2,) which simplifies data search and preparation.
“GoTo sees Splunk Mission Control as a solution that can take its security operation to the next level,” said Michael Rennie, Technical Manager, Security Operations at GoTo. “The more we can centralize our SOAR, threat intelligence and ticketing system data in Mission Control, the more time we can save.”
“Splunk gives us full visibility into our data, helping us understand and work with it as it goes through the whole company,” said Randy Herold, CISO, ManpowerGroup. “We don’t just use data; we build on and off of it to improve our day-to-day operations, simplify our environment and make better decisions.”
“Cyber attacks are growing more frequent and complex, but organizations still need to drive resilience as they continue their digital transformation,” said Duncan Brown, IDC Group VP of European Software Research.
“Splunk’s innovations in unified security and observability aid organizations in resolving this conundrum, by increasing digital resilience through advanced security analytics and better visibility across the tech stack. A holistic approach to security and observability is essential for any digital enterprise,” Brown added.
“Organizations must focus on digital transformation and deliver value for their customers, but their teams are constantly facing cybersecurity threats, IT system stressors and other adverse events,” said Tom Casey, SVP, Products & Technology, Splunk.
“Splunk’s latest product innovations will help our customers mitigate these challenges. Splunk’s integrated security and observability solutions help security operations, IT operations and DevOps teams work smarter and better together to achieve this transformation and build digital resilience,” Casey concluded.