Splunk Inc., a data platform leader for security and observability, announced new capabilities to power integrated security and observability on a shared data platform at its annual user conference, .conf22.
Splunk’s unified security and observability platform enhancements will help organizations achieve end-to-end visibility, rapid time to investigation and action and greater extensibility to solve data-centric challenges. Product capabilities Splunk announced at .conf22 include:
- The Splunk Platform, including Splunk Cloud Platform and Splunk Enterprise 9.0, which is generally available, allows customers to access more data sources easily, find and operationalize insights faster, secure and scale deployments and streamline administration to turn data insights into business outcomes.
- Data Manager for Splunk Cloud Platform delivers a scalable data onboarding experience across Amazon Web Services and Microsoft Azure, with Google Cloud Platform support available later this summer, providing an easy-to-manage hybrid cloud control plane of data flowing into Splunk within minutes.
- Splunk Log Observer Connect allows customers to visualize all their data in one place by combining the power of Splunk Cloud Platform and Splunk Observability, enabling site reliability engineers and DevOps engineers to access their metrics, traces and Splunk Cloud logs in a single interface for faster, in-context debugging.
- Splunk Incident Intelligence – now in preview – will help DevOps teams investigate incidents and take action to ensure better system resilience by providing event correlation, incident response and on-call routing, collaboration and automation within a unified workflow.
- Anomaly Detection Assistant simplifies investigation and helps security analysts, IT operations and DevOps engineers find potential problems by using machine learning to craft a perfectly tuned query quickly to identify anomalies in a time-series datasets.
- Risk-based alerting in Splunk Enterprise Security, combined with risk-notable playbooks from Splunk SOAR, allows customers to enforce a zero-trust approach, prioritize high-fidelity incidents and ensure rapid time to action by automating containment and response tasks in seconds.
The Global Partner Summit provides the Splunk network of more than 2,400 partners with a dedicated program that will help them extend the value of Splunk with the tools and knowledge to sell, build and manage solutions. Additionally, Splunk introduced several Partnerverse program features and tools to help partners expand and differentiate their offerings. Enhancements include access to the Splunk Cloud Sandbox and a Funded Partner Training benefit.
For information on the latest product enhancements or conference activities from .conf22, visit the .conf22 website.