Using Splunk to Enhance Enterprise Security Capabilities of Google Chrome

Partners James Brodsky

The way we work has drastically changed since the start of the pandemic. With more companies adopting remote and hybrid work models, there has been a 600% increase in cybercrime and 65% of organizations have seen a measurable increase in attempted cyberattacks, which is particularly problematic since, according to the 2022 Splunk State of Security report, 78% say remote workers are harder to secure. Security and IT teams need to do everything they can to ensure their business data and employees are protected while balancing the needs for productivity, no matter where the workers are.

With employees spending more time working in browsers, the opportunity for risky browser behavior to have an impact on enterprise resiliency increases. What’s generally considered risky browser behavior? Some examples include:

Google Chrome browser empowers businesses worldwide to work more securely and productively. Chrome continues to increase an organization's ability to protect their digital estate by making valuable browser security insights available to IT and Security teams and providing security event reporting from the browser directly to the Google Admin console. These events cover a wide range of use cases that help detect and mitigate multiple types of attacks, possible vulnerabilities, and high-risk user behavior within managed Chrome browsers.

As you heard at Splunk .conf23, we are excited to announce that Chrome has partnered with Splunk on a new Google Chrome Add-on for Splunk and Google Chrome App for Splunk that make data ingestion, investigation and response to Chrome security events coming from Chrome Reporting Connectors easier than ever.

Using the Google Chrome Add-on for Splunk, all of the Chrome Threat and Data Protection events that come through the reporting connector are mapped to the Splunk Common Information Model (CIM) to allow for easy correlation with other data sources and maximum efficiency at search time. The events are mapped to these specific data models — Authentication, Change, DLP, Data Access, Endpoint, Malware and Web. Any existing searches against a data model will automatically begin populating with Chrome events. This is especially relevant for Splunk Enterprise Security customers, as much of the prebuilt content is based on searches against CIM data models.

The Google Chrome App and Add-on for Splunk contain prebuilt dashboards and analytics to help investigate the most critical incidents of risky extension installs, malware transfer and unsafe site visits. The solution also includes incident response or automation based detections that make responding to the most important incidents easy by allowing you to automatically:

How to Get Started

Simply navigate over to Splunkbase where you can install the Google Chrome Add-on for Splunk and Google Chrome App for Splunk. If you need helping getting started, take a look at our resources below:

Eradicate the risks that come from risky browser behavior and make your enterprise more resilient by installing the Google Chrome Add-on for Splunk and the Google Chrome App for Splunk today!

Related Articles

Splunk Cloud to Launch on AWS Europe (Milan) Region
Partners
1 Minute Read

Splunk Cloud to Launch on AWS Europe (Milan) Region

We're excited to announce the availability of Splunk Cloud on AWS Cloud Italy from 28th June 2024. Read on to learn more about what that means for your business.
Accenture's Splunk-Powered Control Tower Offering Accelerates Supply Chain Digitization
Partners
2 Minute Read

Accenture's Splunk-Powered Control Tower Offering Accelerates Supply Chain Digitization

Discover how Splunk and Accenture are disrupting the supply chain market with Accenture's Control Tower offering, showcasing the power, flexibility and creativity of combining the Splunk Enterprise platform with the business and technical acumen that Accenture possesses.
Smart, Secure and Sustainable Manufacturing - How Splunk and Google Cloud Are Helping Manufacturers to Skate Where the Puck is Going
Partners
8 Minute Read

Smart, Secure and Sustainable Manufacturing - How Splunk and Google Cloud Are Helping Manufacturers to Skate Where the Puck is Going

Splunk and Google Cloud are helping organizations realize smart, secure and sustainable manufacturing. Manufacturers can now leverage new complementary solutions to stay ahead of the curve and thrive in the data age.