In this video, Cylance's Technical Alliance Director Mike Resong digs into the Cylance/Splunk integration.
Says Resong, “As a security operations professional, you have a lot of work to do on analysis – whether it’s a threat, whether it’s a device that’s out of date, somebody’s got to have a dashboard, and somebody’s got to deliver that information to the person that needs it.”
Whether someone has to do a report or an investigation, they’ll need that data immediately available and to hand. “I don’t want to go to 75 consoles to look for it. I want to go to a convenient place that has all the metrics,” explains Resong. “That’s what we deliver, with this app.”
Watch the full interview with Mike Resong here:
The CylancePROTECT® app for Splunk makes real-time threat monitoring and analysis easy. We’ve combined the math-based capabilities of CylancePROTECT with the power of Splunk to provide you with all the tools you need to closely monitor and analyze threat data and malicious activity across your organization, in order to help secure your endpoints.
The Splunk application provides powerful analytics by converting raw data into a valuable and searchable data repository that generates custom reports, alerts, and dashboards to assist with your organization’s business security operations.
This gives security professionals and IT administrators the ability to:
- Quickly identify and respond to new threats detected in your environment
- Identify patterns in threat data and user activity over configurable periods of time
- Drill down into specific threat and device data to obtain detailed information for incident response and troubleshooting
Grab the Cylance app on Splunkbase at: https://splunkbase.splunk.com/app/3233/