To help enterprises navigate and make sense of the increasingly
sophisticated cyberthreat landscape, Verizon Enterprise Solutions announced the launch of its Data Breach Investigations Report (DBIR) app for Splunk. The new free downloadable app helps take the guess work out of cyberthreats by harnessing the rich historical breach intelligence gathered by Verizon’s data breach investigations team over the past decade and making it actionable with Splunk security analytics software.
Based on near real-time information, the DBIR app for Splunk allows organizations to use Splunk software to gain business insights and operational intelligence using analytics to correlate machine data and network traffic, proactively monitor and detect anomalies, create alerts,and quickly search and investigate threats.
Verizon’s robust DBIR dataset now includes more than 10 years of data,compromising more than 8,000 breaches and nearly 195,000 security incidents.The 2015 report features data from 70 organizations, including Verizon.
With the DBIR app for Splunk, enterprises can use a variety of dashboard views that offer specific recommendations for credentialing use, phishing and malware. The app helps organizations track authentication, detect credential-based lateral movement,log impossible journey VPN connection,flag potential ex-filtration through email, & identify vulnerable systems.