Splunk Mission Control acts on data ‘at machine speed’

Machine speed response

The company points out one core truth and says that as the volume of security-relevant data continues to grow, so will the importance of technologies that can automate and respond to that data in real-time.

So… the mission is: detection, defence and action on threats at machine speed.

New product announcements include Splunk Enterprise Security (ES) 6.0 as the latest version of Splunk’s flagship security offering. Splunk ES is a security information and event management (SIEM) platform that now benefits from improved asset and identity framework enhancements.

Splunk User Behavior Analytics (UBA) 5.0 is described as a product that enables security teams to build advanced, customized Machine Learning (ML) models for baselining and tracking deviations, based on their security environment and use cases.

Splunk Phantom 4.6 is the company’s security orchestration, automation and response (SOAR) product and it now come to the mobile phone.

“Phantom on Splunk Mobile allows customers to automate repetitive, manual tasks from the palm of their hand, enabling analysts to focus on mission-critical security threats that fuel security operations. Splunk Phantom 4.6 also introduces new open source integration apps, giving developers easy access to Phantom’s source code to extend SOAR to the unique needs of every individual SOC,” said the company, in a press statement.

Splunk has also announced several new security apps and updates to Splunk ES Content Update, which delivers pre-packaged Security Content to Splunk ES customers. Updates include Splunk Analytics Story Preview, a new Splunkbase app; Cloud Infrastructure Security, new security content which analyses cloud infrastructure environments; and new open source content, including over 30 new open sourced apps for Splunk Phantom.