Free Analyst Report: SIEM
Get the 2024 Gartner® Magic Quadrant™ for SIEM for free.
Splunk Threat Intelligence Management
Looking for Splunk Intelligence Management? We’ve made some updates — learn more here.
What is Threat Intelligence Management?
Threat Intelligence Management provides SOC analysts actionable intelligence with associated normalized risk scores and the necessary context from intelligence sources that are required in order to detect, prioritize and investigate security events.
As a feature of both Splunk Enterprise Security (ES) and Splunk Mission Control, Threat Intelligence Management* enables analysts to fully investigate security events or suspicious activity by providing the relevant and normalized intelligence to better understand threat context and accelerate time to triage.
Benefits
With Threat Intelligence Management your team can:
- Gain more context around risk and threats targeting the organization with a full breadth of embedded intelligence from data feeds such as; open-source, technical indicators, malware analysis tools, and threat intelligence reports.
- Reduce noise and surface the highest fidelity intelligence for action through normalized scores from different sources.
- Simplify security workflows by accessing intelligence within Splunk’s leading SIEM and unified workspace, Splunk Mission Control, that provides analysts the right intelligence, at the right time.
(Learn more about Threat Intelligence Management.)
*Initial availability to eligible AWS customers in select US regions only.
Learn more about Splunk Enterprise Security
Interested in learning more about Splunk Enterprise Security? We’ve got you covered! Take a guided tour now or talk to your account manager.
Check out Splunk Enterprise Security
More Splunk resources
- Splunk Lantern: Using threat intelligence in Splunk Enterprise Security
- Docs for Splunk Intelligence Management (Legacy)
And here are more destination for support across the Splunk ecosystem:
- Splunk Docs, where you’ll find all the technical specs for our products.
- Splunk Lantern, where you can self-serve your way to achieving business use cases with Splunk products.
- Splunk Training & Certification, where you can take a variety of courses or follow learning paths towards Splunk expertise.
- Splunk Community, where you can ask questions and get answers from users and experts.
See an error or have a suggestion? Please let us know by emailing ssg-blogs@splunk.com.
This posting does not necessarily represent Splunk's position, strategies or opinion.
Related Articles
About Splunk
The Splunk platform removes the barriers between data and action, empowering observability, IT and security teams to ensure their organizations are secure, resilient and innovative.
Founded in 2003, Splunk is a global company — with over 7,500 employees, Splunkers have received over 1,020 patents to date and availability in 21 regions around the world — and offers an open, extensible data platform that supports shared data across any environment so that all teams in an organization can get end-to-end visibility, with context, for every interaction and business process. Build a strong data foundation with Splunk.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
