Adaptive Response Initiative
Multi-vendor security intelligence across domains
A Framework for Adaptive Security Architectures
Security architectures typically involve many layers of tools and products that are not designed to work together, leaving gaps in how security teams bridge multiple domains. Splunk is addressing these gaps by extending its adaptive response framework to Splunk Enterprise Security, adding a common interface for automating retrieval, sharing, and response in multi-vendor environments. Adaptive Response Initiative participants are collaborating to address the challenges of complex cyber threats by:
- Enabling a multi-vendor adaptive security architecture
- Extracting new insights from existing security architectures
- Improving investigations with more context from key security and IT domains
Designed for Heterogeneous Security Architectures
Splunk Enterprise Security includes a common framework for interacting with data and invoking actions. The Adaptive Response framework enables security teams to quickly and confidently apply changes to the environment. Splunk Enterprise Security can automate the response as well, enabling the security infrastructure to adapt to the attacker using a range of actions appropriate to each domain.
Adaptive Response is designed for heterogeneous security architectures. By leveraging the Splunk-led Adaptive Response Initiative, customers can benefit from best practices derived from leading vendors who are collaborating to address modern cyber threat challenges.