SAN FRANCISCO AND AWS re:Invent 2018, LAS VEGAS – November 28, 2018 – Splunk Inc. (NASDAQ: SPLK), delivering actions and outcomes from the world of data, today announced integrations with the newly launched Amazon Web Services (AWS) Security Hub. AWS Security Hub provides a comprehensive view to manage security alerts and automate compliance checks for AWS customers. Splunk® Enterprise and Splunk Phantom integrations with the AWS Security Hub are designed to help customers further accelerate detection, investigation and response to potential threats within their AWS security environment.
“As organizations continue to migrate to the cloud, data is dispersed across various teams that need to ensure that they are monitoring and analyzing it in order to detect potential threats and respond to them quickly,” said Haiyan Song, senior vice president and general manager of security markets, Splunk. “Splunk’s support for AWS Security Hub allows our customers to take an analytics-driven approach to security, and to scale their security operations through automation and orchestration capabilities.”
Splunk can also leverage Amazon CloudWatch Events to provide customers with data directly from AWS Security Hub. From there, Splunk can monitor and identify potential threats across AWS Security products like Amazon GuardDuty, Amazon Inspector, and Amazon Macie directly in the Splunk platform. Additionally, the Splunk integration enables serverless automation to gather findings from AWS Security Hub sending them to a HTTP Event Collector in the Splunk platform. With the Splunk Phantom App for AWS Security Hub, findings can be sent to Phantom for automated context enrichment with additional threat intelligence information or to perform automated response actions. By adding broader context to findings, security teams can make well-informed decisions and take action quickly.
“Today’s security teams are not only tasked with preventing security breaches and responding to potential threats, but they also need to be aware of the latest rules and regulations that allow their organizations to operate effectively and be in compliance,” said Dan Plastina, Vice President, Security and Services, Amazon Web Services, Inc. “We are working with Splunk to allow our customers to continue AWS Security Hub investigations in the Splunk platform and to initiate their Splunk Phantom automation playbooks.”
Splunk Phantom Amazon Machine Image (AMI) Now Available on AWS Marketplace
To further expand the Splunk security solutions available for AWS customers, a Splunk Phantom AMI is now available on AWS Marketplace. Splunk Phantom makes it simple and straightforward to automate, orchestrate and respond to threats within AWS environments. AWS customers can launch the Splunk Phantom AMI on the AWS Marketplace.
Get up to date information on all the Splunk activities happening at the event by visiting Splunk’s AWS re:invent 2018 page. re:Invent attendees can also visit the Splunk booth #2816.
Splunk Inc. (NASDAQ: SPLK) helps organizations ask questions, get answers, take actions and achieve business outcomes from their data. Organizations use market-leading Splunk solutions with machine learning to monitor, investigate and act on all forms of business, IT, security, and Internet of Things data. Join millions of passionate users and try Splunk for free today.
Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2018 Splunk Inc. All rights reserved.