More of a Good thing: Splunk and Palo Alto Networks

Today we took another step forward with Splunk, introducing a joint solution that takes security intelligence across the enterprise to a new level. Working together, the companies have released the newest Splunk App for Palo Alto Networks, enabling organizations to leverage the unique and context-rich data generated by Palo Alto Networks, including information on APTs from WildFire, in the Splunk application. This enables customers to not only visualize application, user, content and network data, but also to correlate data from other sources to better analyze risk, improve security posture, and address additional operational and regulatory concerns.

Splunk is taking the most context-rich information feed in network security – now including information on never-before-seen threats from WildFire – and adding correlated data to it. This means that with Palo Alto Networks, more useful data is available to our customers within the Splunk application. This rich data provides better insights than other data sources by offering customers the visibility on applications and users, making it easy to do root cause analysis, assess situational awareness or conduct forensics investigations. With a few clicks, administrators can visualize all of this information together and take rapid action on threats and trends, directly from the app interface.

The app also introduces key capabilities, including the ability to directly configure Palo Alto Networks devices and improved scalability and performance for large deployments.

To give an example on the first listed here, an administrator analyzing data from an Exchange server could identify a potential security risk in message logs and trigger an update to that user’s profile on the device, resulting in an automated, improved security posture. Splunk is helping customers take advantage not only of the innovations in NGFWs around applications, users, and content, but also around the advanced management interfaces in the Palo Alto Networks next-generation firewall.

And, the improved scalability gives the user the depth and breadth of visibility needed to make use of the massive amounts of data in context to find advanced threats hiding in a sea of network traffic.

We believe that our mutual customers will view the Splunk App for Palo Alto Networks as a significant advantage to creating actionable information on preventing threats.

Want to learn more? See it in action live? Splunk and Palo Alto Networks will demo the Splunk App for Palo Alto Networks at the RSA Conference 2013 this week at Splunk’s booth - #1917.