ThreatStream introduces Threat Intelligence Splunk App

ThreatStream has introduced the ThreatStream Splunk App as well as new integrations with leading security solutions. The ThreatStream Splunk App gives customers broader analysis and investigation capabilities and increases real-time visibility into the detection, identification and remediation of threats. ThreatStream has also added new partner integrations to the ThreatStream Alliance Preferred Partner (APP) Store and the ThreatStream Optic™ threat intelligence platform. The addition of leading network security, endpoint security and threat intelligence providers makes the ThreatStream threat intelligence platform (TIP) the most comprehensive and vendor-agnostic on the market today.


"There’s an insatiable need amongst enterprises in every industry today for information that is not only relevant and highly accurate, but also allows IT departments to be more robust and efficient," said Hugh Njemanze, ThreatStream CEO. "Today’s threat and security analysts are overwhelmed with the amount of information available to them and are constantly faced with the arduous challenge to keep up with cyberattacks and security breaches. With our Splunk App, and the latest partner and technology integrations, ThreatStream organisations can have a single view of threats they can quickly make sense of, share and operationalise."


Cybersecurity teams are faced with the tremendous challenge of keeping up with cyberattacks and data breaches. ThreatStream continues to innovate and provide technology solutions to help customers to effectively and rapidly detect, investigate, respond to and remediate threats and security incidents. ThreatStream provides an enterprise-class threat intelligence platform, combining comprehensive threat data collection, prioritisation and analytics with secure collaboration and sharing. ThreatStream is introducing new features, partnerships and integrations to directly address this challenge, making the task of rapidly identifying relevant and actionable intelligence and running analysis achievable for every enterprise.


Introducing the ThreatStream Splunk App
The ThreatStream Splunk App reinforces the ThreatStream commitment to providing enterprises with the latest tools and relevant partnerships. Through the ThreatStream Splunk App, IT teams benefit from richer context, visualisation tools and investigation workflow for rapid detection of and protection from cyberattacks and security breaches. The App includes interactive dashboards for intuitive analysis and investigation, real-time visibility into zero-day and zero-week vulnerabilities and more.


Features of the ThreatStream Splunk App include:
· Automatic alerting on critical indicator matches
· Dashboards detailing event data associated with the known indicators of compromise (IOCs)
· Interaction with the ThreatStream Optic platform for automatic updates


ThreatStream APP Store 2.0
Threat data feeds allow security teams to leverage third-party intelligence to improve an organisation’s ability to proactively protect itself from cyberattacks. Often purchased by security teams to supplement the threat intelligence being collected by in-house security controls, these feeds are an essential part of any organisation’s security strategy. This will give an enterprise instant visibility, rapid response and efficient analysis.


NEW ThreatStream APP Store 2.0 Features

APP Store 2.0 calculates and displays relevance scores to subscribed feeds
A light-weight software package is available to tie external threat intelligence to security events
ThreatStream Agent for Splunk Enterprise 6.2, 6.1
ThreatStream Agent for ArcSight ESM 6.5


NEW ThreatStream APP Store Partners

iSight Partners
Support Intelligence
Taia Global
Threat Recon


The Most Robust Partner Integrations of Any Threat Intelligence Platform
ThreatStream provides a broad portfolio of integrated solutions that deliver unmatched visibility and continuous advanced threat protection to market-leading SIEMs, IDS/IPS, firewall and end-point solutions. The ability to inject machine-readable threat intelligence into your existing security solutions and correlate it with local data increases the velocity and accuracy of threat detection and enhances an organisation’s ability to respond to the most targeted attacks.

NEW ThreatStream Optic Platform Integrations now Generally Available:

Bit9+ Carbon Black
Cloudera Impala
Infoblox
Palo Alto Networks
QRadar
Tanium
