Damballa today announced a technology alliance with Splunk Inc., and the Damballa Failsafe Technology Add-on for Splunk Enterprise, which combines Damballa’s advanced threat protection and containment capabilities with the advanced machine data analytics platform Splunk® Enterprise. The combination provides enterprises with a ‘single pane of glass’ view into their security posture for advanced, often hidden threats. Damballa Failsafe provides enterprises with actionable intelligence to act efficiently and decisively to find, contain and respond to all of the active infections in your network, prevent breaches and eliminating risk from advanced threats. Splunk Enterprise is a big data security intelligence platform used for log management, incident investigation and response, forensics, security and compliance reporting, fraud detection and real-time detection of known and unknown threats. In conjunction with the partnership, Damballa today is making available an integration between Damballa Failsafe and Splunk Enterprise. The Damballa Failsafe Technology Add-on will enable all Damballa advanced threat discoveries to flow into Splunk Enterprise (versions 5.x and 6.x) for direct correlation with other solutions and integration with the Splunk App for Enterprise Security. “The ability to correlate security Big Data, and provide meaningful analytics across it, in one place, is becoming increasingly critical to improving security posture,” said Brian Foster, CTO of Damballa. “Splunk Enterprise is quickly becoming the platform that enterprises leverage to harness their data and improve their intelligence. Having access to Damballa’s actionable threat intelligence within the context of other security and enterprise intelligence, enterprises can harness the combination to significantly improve their response time and posture.” Leveraging Damballa and Splunk Enterprise together, enterprises can:
- Optimize resources through a ‘single pane of glass’ view into Damballa events, now available within Splunk Enterprise
- View their security posture regarding “hidden” advanced threats, via the Damballa dashboard
- Improve correlation and incident response, through the ability to search Damballa evidence within Splunk Enterprise
- Conduct rapid forensic investigation, with the ability to rapidly investigate the prior activities of a device from other logs to determine how the device might have become infected, its behavior related to other devices, etc.
www.damballa.com, or follow us on Twitter @DamballaInc. About Splunk Splunk Inc. (NASDAQ: SPLK) provides the engine for machine data™. Splunk® software collects, indexes and harnesses the machine-generated big data coming from the websites, applications, servers, networks, sensors and mobile devices that power business. Splunk software enables organizations to monitor, search, analyze, visualize and act on massive streams of real-time and historical machine data. More than 6,000 enterprises, universities, government agencies and service providers in over 90 countries use Splunk Enterprise to gain Operational Intelligence that deepens business and customer understanding, improves service and uptime, reduces cost and mitigates cybersecurity risk. Splunk Cloud™ is a service that delivers Splunk Enterprise in the cloud for large-scale production environments. Splunk Storm®, a cloud-based subscription service, is used by organizations developing and running applications in the cloud. Hunk™: Splunk Analytics for Hadoop is a fully integrated analytics platform for Hadoop that enables everyone in an organization to interactively explore, analyze and visualize historical data in Hadoop. To learn more, please visit www.splunk.com/company. All brand names, product names, or trademarks belong to their respective owners.