
Customer

Customer delivers converged intelligence and risk solutions to private and public sector organizations worldwide.

It provides meaningful intelligence to assist organizations in combating threats and adversaries.

Requirement

Customer requested the development of a Certified Splunk Add-on to integrate its platform with Splunk.


Technology Solution

Sacumen developed the Certified Splunk Add-on that performs the following:

Captures, indexes, and correlates in real time technical data within Splunk’s searchable repository.

Enables users to generate reports and visualizations, including graphs, alerts, and dashboards.

Collects integrated data using a REST-based API.

Includes IOCs such as hashes, URLs, and domains, as well as details related to malware families, with mapping to the MITRE ATT&CK framework.

The Add-on was built using Splunk Add-on Builder, with a modular input written in Python.

The Add-on supports Splunk version 7.x.

The Add-on included a retry mechanism, a configurable logging level, and proxy support.

The Add-on supported CIM 4.x.
