Splunk ES 4.0 tackles multi-stage attacks with improved breach detection and response as well as improved collaboration through an extensible analytics framework. New features and benefits include:

• Investigator Journal keeps track of ad hoc searches and activities to streamline analysis of multi-stage attacks associated with breach detection and response.
• Investigator Timeline allows individual analysts to place any event, activity or annotation within a visual timeline to better understand and communicate the cause and effect of events and the details of advanced multi-stage attacks.
• Investigator Timeline also allows different security team members to place events, actions and annotations onto the visual timeline to share their analysis and understanding of the scenario to collaboratively investigate incidents, problems and breaches.
• Enterprise Security Framework allows customers, vendors and third parties to create, access and extend ES functionality with their own apps that can run within ES and utilize features such as the alert management, risk scoring, threat intelligence, and identity and asset frameworks.

Learn more about Splunk ES 4.0 on the Splunk website. Splunk ES 4.0 requires Splunk Cloud or Splunk Enterprise version 6.3.x.

Splunk UBA uses unsupervised machine learning, multi-entity behavior baselines, peer group analytics and advanced correlations to improve detection of cyber-attacks and insider threats. Benefits include:

• Helps detect anomalous behavior by users, devices and other entities within the enterprise, and then discover and combine patterns of anomalies into specific, actionable threats.
• Increases security analysts’ effectiveness by helping them to focus upon meaningful threats and malicious activities using kill chain visualizations.
• Operationalizes security through integration with the larger family of Splunk products, including rapid analysis of data from Splunk Enterprise and automatic creation of alerts in Splunk ES 4.0 for easy to manage incident response.

Learn more about Splunk UBA on the Splunk website.

Splunk App for PCI Compliance 3.0 is designed to help organizations verify their PCI compliance posture by reviewing and measuring the effectiveness and status of their technical controls. It can also identify and prioritize any control areas that need attention and lets organizations quickly address auditor requirements. Features include:

• New reports and searches covering the PCI DSS 3.1 standard.
• Updated user interface and additional technology add-ons.
• Built on the Enterprise Security Framework to take advantage of the alert management, risk scoring, threat intelligence, and identity and asset frameworks.

Learn more about the Splunk App for PCI Compliance on Splunkbase.

Splunk Inc. (NASDAQ: SPLK) is the market-leading platform that powers Operational Intelligence. We pioneer innovative, disruptive solutions that make machine data accessible, usable and valuable to everyone. More than 10,000 customers in over 100 countries use Splunk software and cloud services to make business, government and education more efficient, secure and profitable. Join hundreds of thousands of passionate users by trying Splunk solutions for free: http://www.splunk.com/free-trials.