Splunk and DTEX Systems have partnered to accelerate zero-trust security operations with insider risk intelligence and endpoint telemetry ignored by NGAV, UEBA and DLP tools.
DTEX InTERCEPT™ brings a previously unavailable data source to SOC, IR and threat intelligence teams while multiplying the value of Splunk ES and SOAR. It’s lightweight, cloud-native, privacy-by-design architecture scales to thousands of endpoints and servers in hours, collects only 3-5 MB of data per user each day with low CPU usage and zero impact on employee efficiency.
Only DTEX InTERCEPT delivers the context and intelligence that answers the Who, What, When, Where and How related to any potential insider threat situation, compromised account event or data loss scenario without invading personal privacy.
Insider threats, data loss events and account compromise follow a pattern of activity. DTEX analysts have identified and codified the insider equivalent: the Insider Threat Kill Chain, which encompasses the five steps present in nearly all insider attacks to provide organization-wide user visibility that highlights every step of the kill chain, rather than just focusing on the moment of exfiltration.
Visit our website or contact us to learn more about the DTEX Workforce Cyber Intelligence & Security Platform.
[Splunk App Installation Guide] (https://dtexsystems.freshdesk.com/support/solutions/articles/24000059884-splunk-app-and-add-on-for-dtex-deployment-guide)
Updated jQuery to v3.5.0 in the app package. This version of jQuery has security fixes and will be used by the app independently.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.