Verizon and Splunk deliver actionable threat intelligence

Verizon Enterprise Solutions launched its Data Breach Investigations Report (DBIR) app for Splunk software.

The new free downloadable app helps take the guess work out of cyberthreats by harnessing the historical breach intelligence gathered by Verizon’s data breach investigations team over the past decade and making it actionable with Splunk security analytics software.


Based on near real-time information, the DBIR app for Splunk allows organizations to use Splunk software to gain business insights and operational intelligence using analytics to correlate machine data and network traffic, proactively monitor and detect anomalies, create alerts, and quickly search and investigate threats.

Verizon’s robust DBIR dataset now includes more than 10 years of data, compromising more than 8,000 breaches and nearly 195,000 security incidents. The 2015 report features data from 70 organizations, including Verizon.

With the DBIR app for Splunk, enterprises can use a variety of dashboard views that offer specific recommendations for credentialing use, phishing and malware. The app helps organizations:

  • Track authentication
  • Detect credential-based lateral movement
  • Log impossible journey VPN connection
  • Flag potential exfiltration through email
  • Identify vulnerable systems.

“Much like the DBIR, we are making this app available as a public service for the security community to help improve cyberintelligence,” said Mike Denning, vice president of Global Security for Verizon Enterprise Solutions. “By coupling Verizon’s in-depth, real-world breach data with Splunk’s powerful data analysis software, our customers gain the actionable intelligence needed to advance their cybersecurity measures and better secure their data.”




Share this