Splunk Security with the InfoSec App

There's so much that can be accomplished with Splunk’s security tools. Today, we are going to focus on all the benefits of the InfoSec App for Splunk.

The InfoSec app, which is an entitlement to Splunk customers, is powered by the Splunk platform and relies on accelerated data models and the Common Information Model (CIM) to provide a consistent and normalized view into the event data that you’ll bring into Splunk. The InfoSec app has proven to help numerous organizations build their security program. It's a very popular app, having been downloaded over 21,000 times, and it is the perfect starter app for your organization’s security program.

The InfoSec app is designed to address the most common security use cases of your organization. It contains a collection of comprehensive, extensible dashboards and alerts that focus on the most common security-oriented technology components within your organization's environment. It can be used to investigate incidents, automate compliance tasks, and help protect your network, users, and intellectual property from external adversaries and malicious insider threats.

We know how much you love dashboards, so the InfoSec app allows you to create dashboards to fit nearly any and all security use cases including:

With the InfoSec App for Splunk, you'll have the ability to view all of your security events and posture in a single pane. The customizations available elevate the benefits of the app. Your organization can now complete audits by mapping customizable reports to common compliance frameworks such as NIST, HIPAA, PCI, and ISO.

While the InfoSec app can be used as an entry-level security app, there are a number of advanced threat detection use cases available. The advanced threat detections are an entry ramp for less experienced security teams to better understand the most sophisticated detection responses. No matter where your organization is on the security maturity journey, the InfoSec App for Splunk can help.

The best part? The InfoSec app meets you where you are. You can configure it with Splunk Security Essentials (SSE), Splunk Enterprise Security, Splunk SOAR, and other Splunk add-ons. There is also integration between InfoSec and the Splunk Machine Learning Toolkit (MLTK) that can enable advanced ML-based correlation searches within the InfoSec app to detect threats and provide alerts.

Splunk is committed to helping customers achieve more with our security products. There is so much to be excited about with the InfoSec App for Splunk and as always, Splunk is here to help with any questions you may have. Learn more and download the app here.

Happy Splunking!

----------------------------------------------------
Thanks!
Alex Salesi
