Splunk and DTEX Systems Accelerate Zero-Trust Security Operations with Insider Risk Intelligence & Endpoint Telemetry
Splunk and DTEX Systems have partnered to offer a first-of-its-kind Workforce Cyber Intelligence & Security solution that delivers the contextual human activity intelligence and endpoint telemetry ignored by NGAV, UEBA and DLP tools.
Together, Splunk and DTEX are accelerating security response times and root cause analysis, driving faster event resolution with advanced analytics and reporting, and decreasing manual security and IT operations with DMAP+ telemetry that provides the full context regarding the data, machines, applications and people involved in an event via a single, noise-free endpoint data signal.
DTEX InTERCEPT brings a previously unavailable data source to existing cyber security architectures that multiplies the value of NGAV while allowing for the consolidation of UEBA, Endpoint DLP and Digital Forensics tools with a lightweight, cloud-native platform that scales to thousands of endpoints and servers in hours with zero impact on user productivity and endpoint performance.
DTEX InTERCEPT’s next-generation DMAP+ forwarders and cloud analytics engine deliver a single, noise-free data source that proactively identifies insider threats, predicts data loss events, protects remote workers, flags possible credential compromise and monitors file servers and packaged applications for atypical behavior and requests.
Splunk takes DTEX InTERCEPT’s ‘Indicators of Intent’ and uses them to provide the customer with a better, more contextually rich understanding of how user activity is influencing what’s happening in their environment and whether those behaviors are creating risks to data, users and operational processes.
How Organizations Are Utilizing DTEX InTERCEPT with Splunk Enterprise Security & Splunk SOAR
- Advanced integration with DTEX InTERCEPT DMAP+ data source, including transformation into Splunk CIM format (no contextual losses) to provide actionable, human-behavioral intent data within Splunk ES
- Real-time, detailed analytics and reporting for DTEX InTERCEPT to accelerate response times and root cause analysis by upwards of 30%
- Faster, more automated ‘notable event’ investigation and remediation that can reduce manual operations by 80% with Splunk SOAR