Skip to main content
shared header v2
Push Down Banner V1 Analytics Patch, remove after implementing V2 (S9 or S10)
Global nav V2 patch, remove after adding the mobile languages fix in the codebase (S7 or S8)


Splunk Attack Analyzer

Automate threat analysis of suspected malware and credential phishing threats. Identify and extract associated forensics for accurate and timely detections.



Automatic analysis of active threats. Full-scope insights and rapid resolution.  

Take the manual work out of threat analysis

Submit identified samples directly to Splunk Attack Analyzer or via API, enabling analysts to immediately draw conclusions and take action on the insights generated without wasting manual resources.

fix problems
scale without barriers

See through the eyes of the threat actor

Proprietary technology safely executes the threat providing analysts a comprehensive view showing the technical details of an attack.

Interact with malicious content in a dedicated, unattributable environment 

Seamlessly generate non-attributable environments within Splunk Attack Analyzer in order to access malicious content, URLs and files - without compromising the safety of the analyst or enterprise.

ai driven analytics
scale without barriers

Fully automate end-to-end threat analysis and response workflow 

Paired together, Splunk SOAR and Splunk Attack Analyzer provide a comprehensive end-to-end solution to analyze, understand and rapidly respond to active threats in your environment.


Improve detection efficacy

Leverage multiple layers of detection techniques across both credential phishing and malware.

integrated-monitoring-and-alerting integrated-monitoring-and-alerting

Explore a threat’s inner workings

Access to associated high-fidelity forensics, including analysis activities such as extracted payload URLs from macro source code or encoded powershell commands.

compliance-reporting compliance-reporting

View detailed threat forensics

Access the technical details of attacks, including a point-in-time archive of threat artifacts from the time of reporting.

scale-solutions scale-solutions

Integrate directly with Splunk SOAR

Fully automate a complete end-to-end threat analysis and response workflow.

advanced-search advanced-search

Uplevel threat hunting capabilities

Seamlessly investigate suspected threats by automatically accessing associated technical context, without wasting time.

operationalize-threat-intelligence operationalize-threat-intelligence

Follow and analyze complex attack chains

Visualize the attack chain without requiring security analysts to conduct manual work.

on-call-experience on-call-experience

Access to a comprehensive API

Integrate threat data into other platforms.


Automate your threat analysis



Related Products

hybrid monitoring1 hybrid monitoring1

Splunk Enterprise Security

Analytics-driven SIEM to quickly detect and respond to threats.

View Product Details
Infrastructure Monitoring Infrastructure Monitoring

Splunk SOAR

Supercharge your security operations center with orchestration, automation and response.

View Product Details
Synthetic Monitoring Synthetic Monitoring

Splunk Mission Control

Bring order to the chaos of your security operations. Detect, investigate and respond to threats from one modern and unified work surface.

View Product Details

Get Started

Ready to automate threat analysis?