Symantec ATP App for Splunk

The Symantec ATP app provides various visualizations for network, endpoint and email threat protection using Splunk.

Executive Summary

Email malware and phishing data source aggregation in Splunk, and Splunk Enterprise Security Suite (ES) application development for Adaptive Response.

Services
  • Engineering Services
  • Managed SIEM
  • Software Development
Technology and Platform
  • SIEM - Splunk ES

About Client

Symantec’s teams around the world are developing technologies and building solutions to help customers to securely manage their information. The company has a robust portfolio and a long history of technology leadership.

Business Challenge

Symantec Advanced Threat Protection (ATP) helps you uncover, prioritize, investigate and remediate complex attacks across endpoint, network, web and email domains by providing various means to collect data from Symantec Endpoint Security, Web security.cloud and Email security.cloud. To protect the organization from these threats efficiently, it is very important to correlate all the data and provide deep insight into security threats, as well as some preventive measures to protect against them.

Client Solution

Splunk Infrastructure Management:

  • Splunk application and add-on support on Standalone, Distributed and Clustered Splunk deployments
  • Search Heads support for Splunk application
  • Add-on supported on Splunk Search Heads, Indexers and Forwarders

The Crest Difference

The Crest-developed Splunk Symantec ATP app provides prebuilt dashboards and panels, along with other UI elements tailored for an ATP user. These dashboards help ATP users get an overview, as the app contains aggregated as well as individual visualizations that correlate data collected from Symantec ATP and Symantec Email Security cloud. It also provides Splunk Adaptive Response for the Splunk Enterprise Security Suite (ES) app, which allows us to isolate affected endpoints or delete affected files right from within Splunk. ATP users can also correlate the ATP data in Splunk with the data collected from other data center technologies in Splunk.
