Looking for Splunk Intelligence Management? We’ve made some updates — learn more here.
Threat Intelligence Management provides SOC analysts actionable intelligence with associated normalized risk scores and the necessary context from intelligence sources that are required in order to detect, prioritize and investigate security events.
As a feature of both Splunk Enterprise Security (ES) and Splunk Mission Control, Threat Intelligence Management* enables analysts to fully investigate security events or suspicious activity by providing the relevant and normalized intelligence to better understand threat context and accelerate time to triage.
With Threat Intelligence Management your team can:
(Learn more about Threat Intelligence Management.)
*Initial availability to eligible AWS customers in select US regions only.
Interested in learning more about Splunk Enterprise Security? We’ve got you covered! Take a guided tour now or talk to your account manager.
Check out Splunk Enterprise Security
And here are more destination for support across the Splunk ecosystem:
See an error or have a suggestion? Please let us know by emailing ssg-blogs@splunk.com.
This posting does not necessarily represent Splunk's position, strategies or opinion.
The Splunk platform removes the barriers between data and action, empowering observability, IT and security teams to ensure their organizations are secure, resilient and innovative.
Founded in 2003, Splunk is a global company — with over 7,500 employees, Splunkers have received over 1,020 patents to date and availability in 21 regions around the world — and offers an open, extensible data platform that supports shared data across any environment so that all teams in an organization can get end-to-end visibility, with context, for every interaction and business process. Build a strong data foundation with Splunk.