Splunk and DTEX Systems Partner to Accelerate Zero-Trust Security Operations with Insider Risk Intelligence & Noise-free Endpoint Telemetry
Workforce Cyber Intelligence & Security Solution Delivers the Contextual Human Activity Intelligence and Endpoint Telemetry Ignored by NGAV, UEBA and DLP Tools
DTEX Systems, the Workforce Cyber Intelligence and Security company, announced a partnership with Splunk Inc., provider of the Data-to-Everything Platform, to deliver a superior, zero-trust approach to insider risk intelligence, data loss prevention and security operations orchestration and response.
Splunk and DTEX Systems are accelerating security response times and root cause analysis, driving faster event resolution with advanced analytics and reporting, as well as decreasing manual security and IT operations. DTEX InTERCEPT’s human-based endpoint telemetry provides the full context around the data, machines, applications, and people involved in an event via a single, noise-free endpoint data signal.
DTEX InTERCEPT brings a previously unavailable data source to existing cyber security architectures that multiplies the value of NGAV while allowing for the consolidation of UEBA, endpoint DLP and digital forensics tools. Its next-generation DMAP+ forwarders and cloud analytics engine deliver a single endpoint data source to Splunk security solutions to proactively identify insider threats, predict data loss events, protect remote workers, flag possible credential compromise, and monitor file servers and packaged applications for abnormal behavior and requests.
“Early customer response to our integrated solution with Splunk Enterprise Security and Splunk SOAR has been overwhelmingly positive,” said Mohan Koo, Co-founder and Chief Technology Officer at DTEX Systems. “Unlike legacy solutions, DTEX InTERCEPT provides a simple and clear view of human activity, and because the hundreds of meta-data elements we collect are filtered at the source, the number of notable events that require investigation drops by nearly ninety percent. This means overworked SOC teams and analysts spend more time focused on what matters and can have full confidence in automated response and orchestration workflows.”
Splunk Enterprise Security ingests DTEX InTERCEPT’s risk-based alerts, also known as ‘Indicators of Intent,’ from the Splunk Security Analytics Platform. It uses these alerts to provide customers with a better, more contextually rich understanding of how user activity is influencing what’s happening in their environments and if those behaviors are creating risks to data, users and operational processes.
How Organizations Are Utilizing DTEX InTERCEPT with Splunk Enterprise Security & SOAR
- Visibility and collection of hundreds of unique meta-data elements and user activities transformed into Splunk CIM format (no contextual losses) for a noise-free endpoint data signal.
- Accelerated response times and root cause analysis within the Splunk ES console using real-time, detailed insider risk analytics and risk-based notifications.
- Notable event enrichment with human-behavioral intent telemetry to support faster, more automated remediation.
DTEX will participate in Splunk .conf’21 on October 19-20, 2021, demonstrating its DTEX InTERCEPT Zero-Trust Insider Threat Intelligence solution virtually in the Partner Zone. Its contextual endpoint telemetry data signal will be featured in the popular APT scenario during BOTS on Monday morning and evening, October 18, 2021, and DTEX will be recognized by Jane Wong, VP of Security Products at Splunk.