Verizon DBIR App for Splunk Provides Actionable Security Intelligence for Enterprises
September 2015 by Verizon
To help enterprises navigate and make sense of the increasingly sophisticated cyberthreat landscape, Verizon Enterprise Solutions announced the launch of its Data Breach Investigations Report (DBIR) app for Splunk® software.
The new free downloadable app helps take the guess work out of cyberthreats by harnessing the rich historical breach intelligence gathered by Verizon’s data breach investigations team over the past decade and making it actionable with Splunk security analytics software.
Based on near real-time information, the DBIR app for Splunk allows organizations to use Splunk software to gain business insights and operational intelligence using analytics to correlate machine data and network traffic, proactively monitor and detect anomalies, create alerts, and quickly search and investigate threats.
Verizon’s robust DBIR dataset now includes more than 10 years of data, compromising more than 8,000 breaches and nearly 195,000 security incidents. The 2015 report features data from 70 organizations, including Verizon.
With the DBIR app for Splunk, enterprises can use a variety of dashboard views that offer specific recommendations for credentialing use, phishing and malware. The app helps organizations:
Detect credential-based lateral movement
Log impossible journey VPN connection
Flag potential exfiltration through email
Identify vulnerable systems
Recently awarded the 2015 New Product Innovation Award from Frost & Sullivan, Research Director, Information & Network Security Frank Dickson said, “The DBIR application is genius. Verizon Enterprise Solutions created an easy-to-implement and user-friendly application that applies rich and unparalleled real-world breach research to an organization’s unique network environment. The result is actionable intelligence that can make measurable and tangible improvements to an organization’s cyber security posture.”