Splunk Enterprise Security
Splunk Enterprise Security (ES) is a security analytics platform that helps you to detect, investigate, and respond to security threats. ES uses a variety of machine learning, correlation, and threat intelligence techniques to identify and prioritise threats. It also provides a unified view of your security data, so you can easily track and investigate incidents.
ES can be used to
Key features of Splunk ES
Correlation
ES uses correlation to identify relationships between events.
Threat intelligence
ES uses threat intelligence to identify known threats.
Unified view
ES provides a unified view of your security data, so you can easily track and investigate incidents.
Reporting
ES provides reports and dashboards to help you demonstrate your compliance.
Risk-based alerting
Risk-based alerting (RBA) is a Splunk Enterprise Security (ES) feature that helps you to prioritise alerts based on their risk.