Splunk Asset and Risk Intelligence accelerates security investigations
Splunk announced Splunk Asset and Risk Intelligence, a solution designed to power the SOC of the future by helping businesses streamline compliance, reduce cyber risk and eliminate the sources of shadow IT. This new addition builds upon Splunk’s robust security portfolio, which includes Splunk Enterprise Security, Splunk Attack Analyzer and Splunk SOAR.
With operations spread across cloud, hybrid, on-prem and IoT systems, security operations teams need continuous and comprehensive visibility of all assets deployed across the environment, and must accurately identify all assets, from devices and users to applications. However, existing tools often fail to provide a unified view, leading to inefficiencies and compliance gaps. In fact, according to Splunk’s State of Security 2024 Report, 87% of respondents agree or strongly agree that how they will handle compliance one year from now will be vastly different than today.
“Asset visibility is a critical need that continues to be a problem for many organizations; you can’t protect what you can’t see,” says Michelle Abraham, research director for security and trust at IDC. “As security compliance regulations become increasingly stringent and cyber insurers demand greater transparency into an organization’s security posture, the significance of asset visibility can’t be overstated.”
Splunk Asset and Risk Intelligence enables organizations to take a more proactive approach to security and risk mitigation, ultimately helping them become more resilient:
- Enhanced visibility: Enables the correlation and aggregation of data from various sources (e.g., network, endpoint, cloud, scanning tools) to provide a continually updated inventory of assets and identities, eliminating duplicate or stale data for more accurate, comprehensive asset insights, reducing risk exposure.
- Accurate investigations: Allows security operations teams to map relationships between assets and identities to expedite investigations, enabling rich asset and identity context (e.g., network activity, associations, health) for faster security incident response.
- Optimized compliance posture: Provides out-of-the-box and customizable dashboards and metrics to assess and enhance compliance and security posture, and proactively identify assets lacking critical security controls using compliance framework controls.
“Splunk Asset and Risk Intelligence marks a significant leap forward in proactive risk mitigation for organizations,” said Mike Horn, SVP & GM of Security at Splunk. “By harnessing the power of continuous asset discovery and compliance monitoring, we’re empowering security teams to stay ahead of threats and maintain a robust security posture. This new solution underscores Splunk’s commitment to providing innovative tools that address the evolving challenges of today’s digital landscape.”
Splunk Asset and Risk Intelligence adds to the breadth and depth of security technologies from Cisco and Splunk that customers need to accelerate their journey to the SOC of the future. The combination of security technologies will improve the efficacy, efficiency, and economics for security operations, revolutionizing defense against modern security threats.
Splunk Asset and Risk Intelligence is now in early access. Splunk Asset and Risk Intelligence can be deployed and configured within the on-premises Splunk Enterprise or Splunk Cloud environment and seamlessly integrates with Splunk Enterprise Security, the industry-defining SIEM.
Following Cisco’s acquisition of Splunk in March, the companies are helping customers accelerate their journey toward the Security Operations Center (SOC) of the future with powerful integrations. Today, Cisco and Splunk also announced that customers will be able to seamlessly feed high-fidelity alerts and detections from Cisco XDR into Splunk ES to accelerate investigation and remediation. The integration allows organizations to utilize the strength of each solution to create a more comprehensive defense strategy that will improve digital resilience.