Free Analyst Report: SIEM
Get the 2024 Gartner® Magic Quadrant™ for SIEM for free.
Splunk Threat Intelligence Management
Looking for Splunk Intelligence Management? We’ve made some updates — learn more here.
What is Threat Intelligence Management?
Threat Intelligence Management provides SOC analysts actionable intelligence with associated normalized risk scores and the necessary context from intelligence sources that are required in order to detect, prioritize and investigate security events.
As a feature of both Splunk Enterprise Security (ES) and Splunk Mission Control, Threat Intelligence Management* enables analysts to fully investigate security events or suspicious activity by providing the relevant and normalized intelligence to better understand threat context and accelerate time to triage.
Benefits
With Threat Intelligence Management your team can:
- Gain more context around risk and threats targeting the organization with a full breadth of embedded intelligence from data feeds such as; open-source, technical indicators, malware analysis tools, and threat intelligence reports.
- Reduce noise and surface the highest fidelity intelligence for action through normalized scores from different sources.
- Simplify security workflows by accessing intelligence within Splunk’s leading SIEM and unified workspace, Splunk Mission Control, that provides analysts the right intelligence, at the right time.
(Learn more about Threat Intelligence Management.)
*Initial availability to eligible AWS customers in select US regions only.
Learn more about Splunk Enterprise Security
Interested in learning more about Splunk Enterprise Security? We’ve got you covered! Take a guided tour now or talk to your account manager.
Check out Splunk Enterprise Security
More Splunk resources
- Splunk Lantern: Using threat intelligence in Splunk Enterprise Security
- Docs for Splunk Intelligence Management (Legacy)
And here are more destination for support across the Splunk ecosystem:
- Splunk Docs, where you’ll find all the technical specs for our products.
- Splunk Lantern, where you can self-serve your way to achieving business use cases with Splunk products.
- Splunk Training & Certification, where you can take a variety of courses or follow learning paths towards Splunk expertise.
- Splunk Community, where you can ask questions and get answers from users and experts.
See an error or have a suggestion? Please let us know by emailing splunkblogs@cisco.com.
This posting does not necessarily represent Splunk's position, strategies or opinion.
Related Articles
About Splunk
The world’s leading organizations rely on Splunk, a Cisco company, to continuously strengthen digital resilience with our unified security and observability platform, powered by industry-leading AI.
Our customers trust Splunk’s award-winning security and observability solutions to secure and improve the reliability of their complex digital environments, at any scale.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
