Vectra + Splunk

Vectra and Splunk partner to solve the most persistent problem facing today’s enterprise cybersecurity teams – finding and stopping active cyberattacks while getting the most out of limited time and resources.

Splunk + Vectra integration

Faster, context-driven investigations into active cyberattackers

Speed up investigations by having the Vectra Threat Detection and Response platform automatically triage and score hosts, ranked by risk, in a Splunk dashboard

Enhance workflows in Splunk across the entire attack lifecycle with Vectra’s visibility of all threats, known and unknown

Gain valuable insight by enabling security teams to correlate detections from Vectra with other events in Splunk

Bring Vectra Detection to Workbooks in Splunk

  • The Vectra App for Splunk provides an interactive dashboard to show the number of hosts classified as critical, high, medium, and low risk
  • Speed up investigations with drill-downs into each category to filter on that particular detection’s severity
  • A link back into Vectra’s user interface allows a seamless transition to drive prioritization and workflow

Automate Response with Splunk Phantom

  • The Vectra Active Enforcement application for Splunk Phantom automates response by enabling quick and effective enforcement actions
  • Splunk Phantom receives alerts from Vectra based on the risk of a host and responds automatically as defined by a Splunk Phantom playbook
  • Analysts can also manually trigger a response from the Vectra UI by using predefined event tags and take action before damage is done

See how Vectra and Splunk Partner Together

Vectra Detect App for Splunk
Vectra Stream App for Splunk

Learn more about the Vectra platform

Understand more about the Vectra platform and its approach to threat detection and response.

Discover the Vectra Platform
