Splunk, the cybersecurity and observability leader, today announced Splunk Asset and Risk Intelligence, a solution designed to power the SOC of the future by helping businesses streamline compliance, reduce cyber risk and eliminate the sources of shadow IT. This new addition builds upon Splunk’s robust security portfolio, which includes Splunk Enterprise Security, Splunk Attack Analyser and Splunk SOAR.
In today’s complex digital landscape, organisations struggle to keep up with an expanding attack surface and to ensure compliance with regulatory requirements. With operations spread across cloud, hybrid, on-prem and IoT systems, security operations teams need continuous and comprehensive visibility of all assets deployed across the environment, and must accurately identify all assets, from devices and users to applications. However, existing tools often fail to provide a unified view, leading to inefficiencies and compliance gaps. In fact, according to Splunk’s State of Security 2024 Report, 87% of respondents agree or strongly agree that how they will handle compliance one year from now will be vastly different than today.
“Asset visibility is a critical need that continues to be a problem for many organisations; you can’t protect what you can’t see,” says Michelle Abraham, research director for security and trust at IDC. “As security compliance regulations become increasingly stringent and cyber insurers demand greater transparency into an organisation’s security posture, the significance of asset visibility can’t be overstated.”
Splunk Asset and Risk Intelligence enables organisations to take a more proactive approach to security and risk mitigation, ultimately helping them become more resilient:
⦁ Enhanced visibility: Correlates and aggregates data from various sources (e.g., network, endpoint, cloud, scanning tools) to provide a continually updated inventory of assets and identities. Eliminating duplicate or stale data yields more accurate, comprehensive asset insights and reduces risk exposure.
⦁ Accurate investigations: Allows security operations teams to map relationships between assets and identities to expedite investigations, providing rich asset and identity context (e.g., network activity, associations, health) for faster security incident response.
⦁ Optimised compliance posture: Provides out-of-the-box and customisable dashboards and metrics to assess and enhance compliance and security posture, and proactively identify assets lacking critical security controls using compliance framework controls.
“Splunk Asset and Risk Intelligence marks a significant leap forward in proactive risk mitigation for organisations,” said Mike Horn, SVP & GM of Security at Splunk. “By harnessing the power of continuous asset discovery and compliance monitoring, we’re empowering security teams to stay ahead of threats and maintain a robust security posture. This new solution underscores Splunk’s commitment to providing innovative tools that address the evolving challenges of today’s digital landscape.”
Splunk Asset and Risk Intelligence adds to the breadth and depth of security technologies from Cisco and Splunk that customers need to accelerate their journey to the SOC of the future. The combination of security technologies will improve the efficacy, efficiency, and economics of security operations, revolutionising defence against modern security threats.
Splunk Asset and Risk Intelligence is now in early access. It can be deployed and configured within an on-premises Splunk Enterprise or Splunk Cloud environment, and it seamlessly integrates with Splunk Enterprise Security, the industry-defining SIEM.
For more details on Splunk Asset and Risk Intelligence, please visit our website.
Integrating Cisco Extended Detection & Response (XDR) with Splunk Enterprise Security (ES):
Following Cisco’s acquisition of Splunk in March, the companies are helping customers accelerate their journey toward the Security Operations Centre (SOC) of the future with powerful integrations. Today, Cisco and Splunk also announced that customers will be able to seamlessly feed high-fidelity alerts and detections from Cisco XDR into Splunk ES to accelerate investigation and remediation. The integration allows organisations to utilise the strength of each solution to create a more comprehensive defence strategy that will improve digital resilience.