Resecurity has announced a native integration with Splunk via a dedicated app on the Splunkbase platform, which enables organizations to integrate advanced cyber threat intelligence into existing security infrastructures. This integration enables security teams to consume indicators of compromise and indicators of attack directly into the Security Information and Event Management (SIEM) and Security Operations Center (SOC) environments of the Splunk platform using standard protocols like TAXII. This enables organizations to leverage the benefits of internal threat intelligence and Resecurity’s threat intelligence feeds to improve the overall cybersecurity posture of the organization.
Also Read: NetApp and Elastio Partner to Strengthen Multi-Layered Ransomware Resilience
This integration is now available and can be deployed with the existing Splunk Enterprise platform and provides flexible configuration options to support the diverse operational needs of organizations of various sizes and types. This integration enables the ingestion of the indexed threat intelligence into the Splunk platform and supports the overall process of threat detection and response with enhanced visibility into the existing monitoring and investigation workflows of the organization.