BlackBerry Blog

Introducing Splunk® - Real-Time Threat Monitoring and Analysis Made Easy

NEWS / 07.21.16 / Ramita Sawhney

In an obsolete industry that relies heavily on signature updates to provide underwhelming protection, malware-based attacks cost security teams countless wasted office hours and budget dollars dealing with the aftermath of security breaches and attacks.

Cylance® is changing all of that. Using artificial intelligence and machine learning technology, our endpoint protection product CylancePROTECT® frees up IT teams by preventing threats before they ever execute.

Now, Cylance is coupling its unbeatable threat-blocking accuracy with powerful new reporting and analysis tools, enabling security teams to better understand threats and activity in their environment without the need for intensive manual analysis.

Meet Our New Splunk App

Today, we're excited to announce the release of the CylancePROTECT application for Splunk. We’ve combined the math-based capabilities of CylancePROTECT with the power of Splunk to provide you with all the tools you need to closely monitor and analyze threat data and malicious activity across your organization, in order to help secure your endpoints.

The Splunk application provides powerful analytics by converting raw data into a valuable and searchable data repository that generates custom reports, alerts, and dashboards to assist with your organization’s business security operations.

This gives security professionals and IT administrators the ability to:

   Quickly identify and respond to new threats detected in your environment
   Identify patterns in threat data and user activity over configurable periods of time
   Drill down into specific threat and device data to obtain detailed information for incident response and troubleshooting

Figure 1: Security Event Details Can Be Summarized in Splunk Dashboards

Figure 2: Splunk Dashboards With Detailed CylancePROTECT Information Improve Visibility and Response

Complete Visibility and Protection For Your Organization

The CylancePROTECT application for Splunk delivers an easy and scalable way to consolidate large amounts of security data into one convenient dashboard, in order to provide you with a complete and in-depth view of your environment.

The application can be integrated with CylancePROTECT threat data reports for reporting and analysis purposes, enabling you to keep track of all threat and device information. The application can also be integrated with Cylance Syslog for real-time alerting and tracking of malicious threats, exploits, scripts, and other activity within your organization.

If you’re looking to improve your enterprise security operations and get enhanced visibility, try the Splunk application for CylancePROTECT. Contact a Cylance expert to get started!

About Ramita Sawhney

Senior Product Manager at Cylance

Ramita Sawhney is a Senior Product Manager at Cylance. Prior to Cylance, she worked as a Systems Engineer at Boeing Defense, Space, and Security. She has a Bachelor of Science degree in Electrical Engineering.