Data analytics software vendor Splunk Inc. this month introduced Splunk Mission Control, a cloud-based tool that provides customers a unified Security Operations Suite, which includes Splunk Enterprise Security, Splunk Phantom and Splunk User Behavior Analytics.
The new product is aimed at unifying data, analytics and operations into a single experience to let team members of a security operations center collaborate in sync, according to the company.
Customers of Splunk Security Operations Suite can act on threats and other security issues throughout an event lifecycle. The suite also supports investigation and search across multiple on-premises and cloud-based instances in Splunk Enterprise and Splunk Enterprise Security and provides ChatOps collaboration, case management and automated response.
"Splunk's Security Operations Suite not only enables customers to identify threats but [also] analyze them, investigate the source, report on any vulnerabilities discovered and plan how to prevent similar occurrences in the future," said Haiyan Song, senior vice president and general manager of security markets at Splunk. Other specific use cases of the product include threat hunting, compliance, insider threat detection, remediation and automation/orchestration, she added.
Splunk Mission Control is in beta; the company has not specified a general availability date.
Other vendors in the security information and event management market include IBM, SolarWinds and McAfee. IBM QRadar is a cloud-based service offering network security intelligence and analytics to let organizations detect cybersecurity attacks and network breaches and take action to respond to data losses. SolarWinds' Security Event Manager touts automated threat detection and response, as well as integrated compliance reporting tools. McAfee Enterprise Security Manager also offers built-in compliance framework and analysis that helps guide organizations' threat investigation and remediation.