Norse Threat Intel App for Splunk Enterprise Now Available
Norse App Helps Splunk Users Rapidly Detect Advanced Cyber Threats, Prioritize Incident Response Based on Threat Risk and Context, and Reduce Overall Time from Data to Insight.
SAN MATEO, Calif., March 11, 2014 /PRNewswire/ — Norse, a leading provider of live threat intelligence-based security solutions, today announced the release of Norse Threat Intel App for Splunk® Enterprise. Available now for download from the Splunk Apps website, this new app provides Splunk users with simple and seamless access to Norse’s IPViking and Darklist threat-intelligence services. Splunk Enterprise and the Norse Threat Intel App combine to enable rapid detection of advanced threats, risk-prioritized incident response, and reduction of overall time from data to insight.
TWEET THIS: Just announced: @NorseCorp releases Norse Threat Intel App for @splunk…provides powerful set of tools, views & dashboards for users #InfoSec
“Today’s reality is that most companies are in a state of continuous compromise, making it imperative that IT departments and security analysts have the right tools to rapidly detect, respond to and mitigate compromises before they can cause damage or escalate to a data breach,” stated Norse CEO Sam Glines. “The Norse Threat Intel App for Splunk enables Splunk users to quickly achieve a higher level of detection and protection from today’s advanced malware and cyber threats. Through this integration, security analysts gain access to rich contextual threat intelligence, such as Norse’s IPQ risk score, geo-location and more, for improved forensics and investigations and risk-prioritized incident response.”
Splunk users can also access Norse services directly from within the Splunk App for Enterprise Security version 3.0. Splunk App for Enterprise Security users will have automatic correlation of internal network events (system logs, flow and packet data) with external threats on a single pane of glass and enhanced workflow capabilities through a point-and-click interface.
Unlike traditional IP block lists and threat feeds, Norse IPViking and Darklist services provide contextual, risk-weighted, continuously updated threat intelligence. Norse Darklist is a live, continuously updated list of the highest-risk IPs on the Internet, enabling organizations to protect their network from external bad actors. IPViking provides API-delivered, machine-readable, dark-threat intelligence that can be integrated with an organization’s existing security products and network devices.
The benefits of these features include:
-- Identification of advanced threats missed by today's security point-products -- Reduction in the noise generated by traditional enterprise security controls -- Faster incident response through Splunk's Threat Analyzer -- Better security decisions through the application of rich threat context
Earlier this month, Norse and Splunk joined together to discuss the current state of advanced malware attacks, APTs and data breaches. The recording of that webinar can be found here: http://www.norse-corp.com/webinars.html?commid=104615 – res
For the latest news and developments out of Norse:
-- Follow Norse on Twitter: @NorseCorp -- Like Norse on Facebook: https://www.facebook.com/NorseCorporation -- Follow Norse on LinkedIn: http://www.linkedin.com/company/norse-corporation -- Subscribe to the Norse YouTube Channel: http://www.youtube.com/user/norsecorporation -- Read the Norse blog: http://norse-corp.com/blog-index.html -- Add Norse to G+ Circles: https://plus.google.com/+Norse-corp/posts
Norse is the leading innovator in the live threat intelligence security market. With the goal of transforming the traditionally reactive IT security industry, Norse offers proactive, intelligence-based security solutions that enable organizations to identify and defend against the advanced cyberthreats of today and tomorrow. Norse’s synchronous, global platform is a patent-pending infrastructure-based technology that continuously collects and analyzes real-time, high-risk Internet traffic to identify the sources of cyber attacks and fraud. Norse is the only provider of live, actionable, cyberthreat intelligence that enables organizations to prevent financial fraud and proactively defend against today’s most advanced cyber threats including zero day and advanced persistent threats. Norse has offices in Silicon Valley, St. Louis, and Atlanta. Visit us online at norse-corp.com.
All brand names, product names, or trademarks belong to their respective owners.