X-Pack is an Elastic Stack extension that bundles security, alerting, monitoring, reporting, and graph capabilities into one easy-to-install package. While the X-Pack components are designed to work together seamlessly, you can easily enable or disable the features you want to use.
Splunk Enterprise Security is a SIEM, log management, and IT operations analytics tool. The solution provides users with the ability to secure their information and manage their data in the cloud, data centers, or other applications. Splunk Enterprise Security also offers visibility from different areas, levels, and devices, rather than from a single system, thus providing its users with flexibility. Splunk Enterprise Security can monitor data and analyze, detect, and prevent intrusions. This benefits users as it provides alerts to possible intrusions, helps users to be proactive, and reduces risk factors.
Full visibility across your environment
Break down data silos and gain actionable intelligence by ingesting data from multicloud and on-premises deployments. Get full visibility to quickly detect malicious threats in your environment.
Fast threat detection
Defend against threats with advanced security analytics, machine learning and threat intelligence that focus detection and provide high-fidelity alerts to shorten triage times and raise true positive rates.
Efficient investigations
Gather all the context you need and initiate flexible investigations with security analytics at your fingertips. The built-in open and extensible data platform boosts productivity and drives down fatigue.
Open and scalable
Built on an open and scalable data platform, you can stay agile in the face of evolving threats and business needs. Splunk meets you where you are on your cloud journey, and integrates across your data, tools and content.
USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.
Discover
- Network asset discovery
- Software & services discovery
- AWS asset discovery
- Azure asset discovery
- Google Cloud Platform asset discovery
Analyze
- SIEM event correlation, auto-prioritized alarms
- User activity monitoring
- Up to 90 days of online, searchable events
Detect
- Cloud intrusion detection (AWS, Azure, GCP)
- Network intrusion detection (NIDS)
- Host intrusion detection (HIDS)
- Endpoint Detection and Response (EDR)
Respond
- Forensics querying
- Automate & orchestrate response
- Notifications and ticketing
Assess
- Vulnerability scanning
- Cloud infrastructure assessment
- User & asset configuration
- Dark web monitoring
Report
- Pre-built compliance reporting templates
- Pre-built event reporting templates
- Customizable views and dashboards
- Log storage
Sprint, Travelport, Grab, Autopilot, Just Eat, Accenture, Dell, Verizon Wireless, Guidestar, Influence Health, Shopback, Kaidee, Compare Group, Tango
Splunk has more than 7,000 customers spread across over 90 countries. These customers include Telenor, UniCredit, ideeli, McKenney's, Tesco, and SurveyMonkey.
Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom