Systems and security management company Tanium today announced the Tanium App for Splunk® Enterprise. The Tanium App for Splunk Enterprise leverages Tanium’s endpoint threat detection and response capabilities to collect endpoint data and analyze it in Splunk Enterprise, a Big Data security analytics platform, to better understand cyber threats and anomalies detected in Tanium data.
The Tanium App for Splunk Enterprise asks all Tanium agents a fixed set of questions. It then brings the data into Splunk Enterprise for analysis, correlation, alerting and visualization. The app offers drill-down details on such critical items as application and process information, suspicious open ports, external connections and network information, as well as detailed asset management data gathered by Tanium agents. Splunk Enterprise’s enrichment capabilities can add context provided by external machine data sources across the enterprise. Splunk Enterprise also enables correlation of Tanium’s endpoint threat detection information with network-level data, external threat intelligence feeds, or any application data point that is relevant in solving the security equation.
“I view the combination of the Tanium and Splunk platforms as a positive development in cyber security,” said Jon Oltsik, an analyst with Enterprise Strategy Group. “This app offers large enterprises the ability to address risks associated with a previously unmanaged network segment or device. We are not just talking about seeing and preventing attacks, but also improving the time-to-response.”
“Managing security in a distributed environment with 500,000 computers around the world is no small feat, and when a successful spear-phishing attack is unfolding, time is of the essence. Our combined solution helps shorten time to remediation,” said Didi Dayton, VP of WW Strategic Alliances at Tanium. “People have simply never had this level of access and control at enterprise scale. Companies typically spend days, if not weeks, trying to deal with such attacks. We are changing the paradigm completely.”
“Splunk’s mission is to make machine data accessible, usable and valuable for everyone. The Tanium App for Splunk Enterprise adds contextual information about the endpoint, allowing organizations to correlate this information to gain operational and security intelligence,” said Haiyan Song, Senior Vice President of Security Markets, Splunk.
Tanium is also a Sponsor of .conf 2014, The Fifth Annual Worldwide Splunk Users’ Conference and will be showing a demo of the app at the conference. For additional insight into this news, please visit https://www.tanium.com/events/splunkconference2014.
Tanium transcends the limitations of legacy technologies to deliver the “next generation” of endpoint threat detection and response capabilities required by the distributed enterprise. Tanium provides instant command and control – at scale – across some of the largest enterprises in the world. Based on a resilient linear peer-to-peer topology, Tanium is able to deliver unparalleled speed, precision and control so that IT security pros and incident responders can respond and remediate threats in seconds, and at scale.
Tanium gives the world’s biggest organizations the unique power to control, manage and secure millions of endpoints within seconds. Serving as the “central nervous system” for enterprises, Tanium prevents downtime and attacks that can cripple organizations and cause costly business interruptions. By collecting and processing billions of metrics across global networks of endpoints in seconds, and allowing enterprises to quickly change the state of those endpoints, CIOs, CISOs and IT managers can do everything from proactively identifying and fixing issues to fending off professional-grade security attacks.
About Splunk Inc.
Splunk Inc. (NASDAQ:SPLK) provides the leading software platform for real-time Operational Intelligence. Splunk® software and cloud services enable organizations to search, monitor, analyze and visualize machine-generated big data coming from websites, applications, servers, networks, sensors and mobile devices. More than 7,900 enterprises, government agencies, universities and service providers in 100 countries use Splunk software to deepen business and customer understanding, mitigate cybersecurity risk, prevent fraud, improve service performance and reduce cost. Splunk products include Splunk® Enterprise, Splunk Cloud™, Hunk®, Splunk MINT™ and premium Splunk Apps. To learn more, please visit http://www.splunk.com/company.
Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Hunk, Splunk Cloud, Splunk Storm and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries.