3.1 version of Splunk app for enterprise security

SAN FRANCISCO, USA: Splunk, provider of software platform for real-time Operational Intelligence, has announced the general availability of version 3.1 of the Splunk app for enterprise security.

Splunk has introduced a new risk scoring framework in the Splunk App for enterprise security to enable easier, faster threat detection and containment by empowering users to assign risk scores to any data.

The app also includes new features to help users connect and visualize data on the fly and introduces guided search to make security analytics more accessible to a broad range of users without requiring knowledge of programming languages or command syntax.

Splunk customers who have purchased the app can download version 3.1 of the Splunk App for enterprise security on Splunk apps.

New features in the Splunk app for enterprise security focus on delivering risk-based analytics, connecting and visualizing disparate data, and enriching security analysis with threat intelligence.

Key features include:

Risk-based Analytics: Enhance decision-making by applying a risk score to any data through a new Risk Scoring Framework. Helps security and IT teams prioritize, triage and be alerted to threats based on risk score, while also exposing contributing factors of the risk score to all relevant teams.
Visual Investigation: Gain faster, deeper insights across all machine data by giving users the ability to visually discover relationships by creating event swim lanes that organize and correlate all data.

Guided Search Creation: Simplify complex correlation across disparate data sources by building advanced searches in a guided user interface with little or no knowledge of any programming language or command syntax.
Domain Name-based Threat Intelligence: Adding onto the integrated Threat Intelligence Framework, which deduplicates and assigns weights to threat intelligence feeds, security teams can now integrate high-fidelity and complex URLs and domain names.