Splunk Inc. provides the leading software platform for real-time Operational Intelligence. Splunk® software and cloud services enable organizations to search, monitor, analyze, and visualize machine-generated big data coming from websites, applications, servers, networks, sensors, and mobile devices. More than 7,400 enterprises, government agencies, universities, and service providers in over 90 countries use Splunk software to deepen business and customer understanding, mitigate cybersecurity risk, prevent fraud, improve service performance, and reduce cost. Splunk products include Splunk® Enterprise, Splunk Cloud™, Splunk Storm®, Hunk™, and premium Splunk Apps. To learn more, please visit https://www.splunk.com/company.
Provides a mechanism for running preconfigured actions within the Splunk platform or by integrating with external applications. These actions can be automatically triggered by correlation search results or manually run on an ad hoc basis from the Incident Review dashboard.
This framework is one of five frameworks in Splunk Enterprise Security with which you can integrate.
Most adaptive response actions produce new events in the Splunk platform. Response events are linked to the action that produced them with the orig_action_name, orig_sid, and orig_rid fields, allowing developers or ES admins to construct workflows of chained actions. ES admins and analysts can then customize and audit these workflows.
Stay ahead of compliance mandates. Reduce time, errors, and costs with an analytics-driven approach.
Automate Data Collection | Continuous Risk Assessment | Painless Audit and Reporting
Reach out to our Splunk team at Carahsoft for more information on compliance standards at splunk@carahsoft.com
Splunk for FISMA: Compliance auditing solution for NIST 800-53 guidelines
Splunk for RMF: Security monitoring to detect insiders or advanced attackers in your environment
HIPAA Privacy and Security Scout
Splunk App for PCI Compliance
ITSI App: Monitoring and analytics solution powered by artificial intelligence for IT Operations (AIOps) that provides visibility into the health and key performance indicators of critical IT and business services, and its infrastructure.
Cisco Suite: Provides a single pane of glass interface into Cisco security services. It supports Cisco ASA and PIX firewall applications, the FWSM firewall services module, Cisco IPS, Cisco Web Security Appliance (WSA), Cisco Email Security Appliance (ESA), Cisco Identity Services Engine (ISE), pxGrid, and Cisco Advanced Malware Protection/Sourcefire.
From security monitoring to detecting insiders or advanced attackers in your environment, this app uses Splunk Enterprise and the power of Search Processing Language (SPL) to showcase many working examples.
Thousands of organizations rely on Splunk as the single source of truth to help drive better, faster security decisions
The nerve center of the security ecosystem, giving teams the insight to quickly detect and respond to internal and external attacks and simplify threat management while minimizing risks.
Turn Machine Data into answers for real-time insights to boost business results
Real-Time Visibility: Automate the collection, indexing, and alerting of machine data that is critical to your operations
Data Source Agnostic: Uncover the actionable insights from all your data, no matter the source or format
AI & Machine Learning: Leveraging artificial intelligence and machine learning for predictive and proactive business decisions
Carahsoft has partnered with several Splunk technology partners to provide a robust ecosystem of complementary solutions for Splunk’s operational intelligence platform.
These solutions address an expansive range of ready-to-use applications, including optimized data collection, security monitoring, IT management and more, and will continue to grow as Carahsoft’s Splunk Partner portfolio expands. A full list of Solution Providers and their specialties can be found below.
For more information contact:
Splunk Technology Alliance Partner Team
Corelight transforms raw network traffic into comprehensive, organized network logs with the use of open source Bro (now 'Zeek'). Founded and maintained by the creators of Bro, Corelight provides actionable insights into security events by assembling raw, disparate network data into over 400 protocol-based fields for correlation and analysis in a SIEM tool.
Expanse is a SaaS company that continuously discovers, tracks, and monitors the dynamic global Internet Edge for the world’s largest organizations. In addition, Expanse is the first company to deliver off-premise analysis of network edge communications to identify customer systems that are making risky connections to out-of-policy services on the public Internet.
Indegy, a leader in industrial cyber security, protects industrial control system (ICS) networks from cyber threats, malicious insiders and human error. The Indegy Industrial Cyber Security Suite arms security and operations teams with full visibility, security and control of ICS activity and threats by combining hybrid, policy-based monitoring and network anomaly detection with unique device integrity checks.
Security operations teams are drowning in machine data and strapped for people who can make sense of the signals coming from it. In today’s rapidly evolving threat landscape, quickly drawing actionable insights from the data is the key to reducing risk. Cyber Security Investigator (CSI) for Splunk enables your analysts at any level to harness the power of natural language search, be significantly more productive, and think strategically, as they investigate complex data.
Qmulos Apps, powered by Splunk, are the only compliance solutions architected to foster a continuous monitoring mindset to the compliance problem. Our security expertise led us to focus our solution on security-relevant machine state data, as well as other required audit evidence types. Our key execs have decades of proven compliance, cyber, and security research experience. Our company is an ISV (TAP) and Professional Services Partner of Splunk.
>rapid response is a new app built by Optensity for use with Splunk alerts. >rapid response lets you turn Splunk’s operational intelligence into direct action in real-time. Rely on >rapid response to ensure fast, repeatable execution of your critical IT operations, security, compliance and application delivery strategies.
SwiftStack provides cloud-native, software-defined storage for unstructured data in a single namespace, powered by policies to extend enterprise workflows across private and public cloud infrastructure. Verified by Splunk, and proven to be fully compatible with Splunk SmartStore, SwiftStack is the only storage option that can be built on the same server platform as Splunk indexers, helping to simplify operations and management of disparate data sets.
Check out the Workshops tab to learn about our Splunk hands-on workshops around Splunk Enterprise, IT Service Intelligence, and Enterprise Security.
February 28, 2019 at 1:00 PM ET