Intelligence Management Resources

Tech Talk

Splunk Intelligence Management Unified App for Splunk Enterprise and Enterprise Security helps security professionals analyze notable events and leverage intelligence to quickly understand threat context and prioritize and accelerate triage.

.conf21

Browse .conf Online for the amazing content that was offered at .conf21 Virtual, and sign up to receive notifications.

Tech Talk

While Splunk SOAR playbooks automate security actions, they become even more powerful and easy to use with the addition of Splunk Intelligence Management (formerly TruSTAR).

Automated Workflows, Time Saved

By consolidating all of its data into a single intelligence management platform, Box is able to open previous investigations and see context for future enrichment in detection and response tools.

Accelerated Detection

By utilizing a bi-directional data flow and a uniform tagging system, LogMeIn was able to have a wider view of information enrichment opportunities and now has a central place to coordinate its response efforts.

Overcame Phishing Threats

Analysts can automatically surface high priority phishing indicators and enrich investigations without disrupted workflows, helping reduce mitigation time from days to hours.

Reduced Fraud Costs

Splunk Intelligence Management's Unified Intel API provides a single point of integration through its fully RESTful API, TAXII infrastructure and Python SDK, making it easy for members to share information with IT-ISAC.

Automated Intel Sharing

All NCU-ISAO members receive a Community Edition plan to ingest and operationalize intelligence from the NCU-ISAO community and open source intelligence feeds and share relevant, anonymous data with ease.

Improved Visibility

Splunk Intelligence Management allows members to share intelligence anonymously, encouraging more sharing, and provides a single platform for members to access that threat intelligence.