We're thrilled to announce an exciting partnership and integrated solution with Splunk, empowering our shared customers to seamlessly integrate our respective solutions. Customers can use this integration to share Wiz security findings — including Issues, vulnerabilities, and audit log data — to Splunk Enterprise and Cloud to investigate, analyze and report.
Security Information and Event Management (SIEM) has emerged as a cornerstone of SOC, serving as a vital tool for organizations seeking to fortify their digital defenses. SIEM tools are designed to collect, correlate, and analyze various log sources across an organization's infrastructure. This capability empowers security teams to gain deep insights into potential threats, vulnerabilities, and anomalous activities, enabling them to respond swiftly to protect sensitive assets, maintain regulatory compliance, and uphold the integrity of their operations.
The new integration helps organizations connect their Wiz and Splunk platforms to collect security event data into a single response platform. Some of the benefits of this integration include:
Incident Analysis: Wiz Issues, vulnerabilities, and audit logs can seamlessly integrate with SIEM tools like Splunk Enterprise Security to ingest and analyze logs. This integration enables Splunk Enterprise Security to monitor and correlate events and incidents specific to cloud-native environments. Additionally, customers can leverage this integration to analyze Wiz audit logs to identify anomalous behavior.
Detect and Threat Response: Wiz can feed Splunk with data on cloud resource risks, allowing Splunk to detect and respond to security threats promptly. Customers can leverage Splunk’s automation and response capability to trigger alerts and response flows based on findings from Wiz. When a security incident occurs, Wiz works in conjunction with Splunk SIEM to provide contextual information about the incident, including details about the application, container, or microservices involved. Wiz provides cloud infrastructure risk information that can be combined with the threat detection logs that are ingested into Splunk Enterprise and Cloud. This helps with incident response and forensic investigations, enabling a faster and more accurate resolution.
Track progress of remediation: Get the complete picture of your cloud footprint and report on key security metrics. Analyze and report on your cloud assets, issues, and vulnerabilities over time. For example, you can track the progress of vulnerability resolution by severity or project. Analyze metrics across cloud environments, including AWS, GCP, and Azure. Security teams can easily report on powerful metrics such as:
- the number of outstanding issues per project
- the number of open vulnerability issues filtered by Wiz project
- the percentage of issues older than 30 days
- many other metrics
This information can be used to report on service SLAs or track the progress of different teams over time.
In such a challenging cybersecurity environment it’s critical that our customers can detect, investigate and respond to threats as quickly as possible. Wiz joining the Splunk Partnerverse, and the launch of the Wiz Add on for Splunk, supports customers in that journey and will help them to keep pace with evolving threats.
Alexandra Turbitt, GVP, Alliance & Channels, EMEA, Splunk
Getting started is simple. Joint customers can get started in a few easy steps. All you need is outlined in the Wiz docs (login required), or download the Wiz Add-On for Splunk. This strategic partnership between Wiz and Splunk is just the start. Questions? We’d love to hear from you. Reach out and our team will be glad to assist.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。