New Infocyte HUNT App for Splunk Enterprise


New Infocyte HUNT App for Splunk Enterprise Provides Data-Centric, Post Breach Detection

With this integration, Infocyte and Splunk customers gain a single pane of glass reporting that enables improved threat discovery and analysis, and faster incident response times.

New cyber threats continue to evade current security controls. Advanced persistent threats (APTs) have driven enterprises and government agencies to implement more aggressive and reliable ways to detect hidden compromises that have evaded traditional first-line defenses. Organizations are now implementing practices to proactively hunt for malicious software and users hidden in networks.

Infocyte has developed a new integration with Splunk Enterprise that gives users enhanced data-centric hunt, incident investigation and response capabilities. The new Infocyte HUNT App integrates Splunk Enterprise with the Infocyte platform to provide Splunk users with post-breach detection, leveraging Forensic State Analysis (FSA) for more comprehensive and scalable detection of fileless implants, persistence mechanisms, and forensic evasions.

With the Infocyte HUNT App, Splunk users benefit from a comprehensive endpoint threat detection platform that allows them to identify threats and search for other machines that are compromised when a threat is detected.

Additional Infocyte HUNT App for Splunk capabilities include:

  • Reduced Incident Resolution Time – Pivots from Infocyte findings to historical logs and machine data for faster correlation and investigation.
  • Trend Analysis and Reporting – Customized search, display and reporting of hunt findings over time.
  • Alerting and Event Triggers – Trigger endpoint scans based on SIEM / Sensor alerts.
  • Single Pane of Glass Security – Platform integration enables a single pane of glass for security management and data collection analysis.

Learn more about Infocyte’s Splunk App

Contact us to learn more about our Splunk App.
