Risk IQ: Splunk App Development for PassiveTotal

Crest built an integration of RiskIQ PassiveTotal into Splunk and provided a consistent user experience so that security teams can monitor from a single source.

Executive Summary

Leverage RiskIQ PassiveTotal to identify threats and seamlessly aggregate, correlate and enrich Splunk data with RiskIQ’s Internet Intelligence Graph. Upload targeted indicators individually or in bulk for enrichment and save the results directly within local Splunk indexes.

About Customer

RiskIQ is a security company based in San Francisco, California. RiskIQ is the leader in digital attack surface management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. Visit https://www.riskiq.com for more details.

Business Challenge

Today, enterprise security teams require a full view of their digital attackers to better understand threats. A major need is to identify which internal IPs are contacting which domains outside the firewall. All companies are undergoing digital transformation: moving to the cloud, adopting SaaS applications, automating development operations, and switching to serverless architectures, which makes monitoring and managing an enterprise’s digital attack surface increasingly difficult. The major challenge for every enterprise security team is the ability to detect, investigate, and respond to threats in a timely manner.

Customer Solution

The RiskIQ PassiveTotal® App for Splunk seamlessly combines Splunk’s platform with RiskIQ data to show security teams how internal assets interact with external infrastructure, so they can block or prevent attacks and know if they have been breached. We integrated RiskIQ PassiveTotal into Splunk with the same look and feel, so security teams do not have to monitor two different screens. We also help customers determine whether specific indicators match their Splunk data by searching for those indicators across the whole Splunk environment. We also support bulk upload of indicators and their details into Splunk, and leverage the RiskIQ API to store and maintain a local index of enrichment data from investigations for future triage.

Screenshots

RiskIQ Look and Feel Panel In Splunk

Matching Events Across Splunk Environment

CONTACT OUR EXPERTS

We’d love to hear about your project and help you get started.

Contact our sales team to discuss your business requirements.