Splunk Intelligence Management Unified App for Splunk Enterprise and Enterprise Security helps security professionals analyze notable events and leverage intelligence to quickly understand threat context and prioritize and accelerate triage.
.conf21
Browse .conf Online for the amazing content that was offered at .conf21 Virtual, and sign up to receive notifications.
Tech Talk
While Splunk SOAR playbooks automate security actions, they become even more powerful and easy to use with the addition of Splunk Intelligence Management (formerly TruSTAR).
Case Studies
Automated Workflows, Time Saved
By consolidating all of its data into a single intelligence management platform, Box is able to open previous investigations and see context for future enrichment in detection and response tools.
Accelerated Detection
By utilizing a bi-directional data flow and a uniform tagging system, LogMeIn was able to have a wider view of information enrichment opportunities and now has a central place to coordinate its response efforts.
Overcame Phishing Threats
Analysts can automatically surface high-priority phishing indicators and enrich investigations without disrupting their workflows, helping reduce mitigation time from days to hours.
Reduced Fraud Costs
Splunk Intelligence Management's Unified Intel API provides a single point of integration through its fully RESTful API, TAXII infrastructure and Python SDK, making it easy for members to share information with IT-ISAC.
Automated Intel Sharing
All NCU-ISAO members receive a Community Edition plan to ingest and operationalize intelligence from the NCU-ISAO community and open source intelligence feeds and share relevant, anonymous data with ease.
Improved Visibility
Splunk Intelligence Management allows members to share intelligence anonymously, encouraging more sharing, and provides a single platform for members to access that threat intelligence.
Solution Briefs
Intelligence Management for Splunk SIEM
Accelerate investigations through automated data enrichment.
Intelligence Management for Splunk SOAR
Accelerated phishing response through priority scoring.