BlueVoyant MXDR for Splunk empowers users to identify security threats

BlueVoyant announced MXDR for Splunk, enabling clients to maximize their security investment, expedite implementation, and streamline threat detection.

The new service integrates Splunk SIEM (Security Information and Event Management) capabilities with supported EDR partner expertise to provide a cloud-native, fully integrated security solution enabling risk illumination, alert validation through multiple sources as well as remediation across multiple platforms including endpoint, IoT, cloud workloads, and networks.

BlueVoyant’s next generation content allows for rapid updates to meet ever-changing tactics and Risk Based Alerting, which thwarts attackers who try to use oft-benign actions to evade detection.

“BlueVoyant’s MXDR for Splunk enables clients to combine the capabilities of Splunk and supported EDR partners for increased visibility and more robust response actions”, said Anthony Giallombardo, director of product management for BlueVoyant’s Splunk offerings.

“Splunk clients want to eliminate blind spots in their data silos, streamline operations and workflows, and reduce total cost of ownership without sacrificing the great observability capabilities Splunk provides. With BlueVoyant’s MXDR for Splunk, clients can have an integrated best of breed SIEM and EDR tech stack,” added Giallombardo.

Key components of BlueVoyant’s MXDR for Splunk include:

• Clients’ ability to collect, monitor, and analyze security data across on-premises, hybrid, and multi-cloud environments in a single platform.
• Cloud-native SIEM with real-time visibility to identify security threats and remediate them quickly.
• The reduction of client data burden by 20% or more with a proprietary data readiness model that improves data quality and reduces costs.
• The ability to triage 100% of threats and eliminate more than 90% of them with advanced automation to reduce risk and required resources.
• Rigorous Risk Based Alerting (RBA) alerts to warn clients of threat actors who use often benign activities that may lead to malicious intent.
• Continuous improvement of clients’ Splunk instances delivering security content faster and better coverage amongst all data sources.
• The availability of numerous bundles of workshops, retainers, and professional services to help clients optimize, implement, manage, monitor, and protect their Splunk instance.

Splunk recognized BlueVoyant as a key MSP (managed service provider) partner with the new Premier Manage designation. BlueVoyant also earned core competency badges for Cloud Migration and Cloud Migration: Co-Delivery. The company has more than 200 active Splunk certifications. In 2022, BlueVoyant expanded its Splunk go-to-market by including its offerings on the AWS Marketplace.