BlackRidge App for Splunk Enhances Security Analysts’ Ability to Quickly Identify Compromised or Rogue Users, Handle Exceptions, and Respond to Potential Breaches
Reno, NV – February 22, 2016 – Today, BlackRidge Technology, the leader in identity-based network and cyber security, announced the BlackRidge App for Splunk® to provide real-time identity attribution for detecting insider and third party security threats. BlackRidge adds a new layer of real-time security protection that cloaks and protects servers before a network connection is established, using BlackRidge’s patented First Packet Authentication™ technology.
“BlackRidge Transport Access Control authenticates identity and applies policy on the First Packet of network sessions, removing visibility of resources from unauthorized users while stopping known and even some unknown attacks and breaches from occurring,” said John Hayes, CTO and Founder of BlackRidge Technology.
The BlackRidge App for Splunk provides identity attribution for such threats, thereby helping CISOs to:
- Identify compromised or rogue insiders and third party vendors.
- Gain key insights to help with remediation.
- Meet requirements for security controls, audits, and regulatory compliance.
Key features of the BlackRidge App for Splunk include:
- Prioritizing the top real-time network security events from BlackRidge raw messages including unauthorized access events.
- Providing a predefined set of dashboards to visualize the top 10 identity attribution events for the past day, week and month.
- Generating real-time alerts with identity attribution of unauthorized network connections attempts to protected resources.
Key benefits from using the BlackRidge App for Splunk include:
- Identifying unauthorized access that can help in identifying compromised or rogue users, handling exceptions, and responding to potential breaches identified by Splunk Enterprise.
- Reducing risk from insider threats (third party vendors and partners) on your network by identifying, alerting on, and preventing unauthorized resource access.
- Supporting audits and regulatory requirements pertaining to security controls and providing attribution information for compliance and forensic analysis.
“The ability to provide identity attribution for unauthorized network access is another unique aspect of BlackRidge Technology that further places them in the first rank of emerging enterprise security technologies. Identifying compromised or rogue insiders and third party vendors is a top operational priority for CISOs – the combination of BlackRidge and Splunk can help with this need,” said Mark Graff, Founder/CEO of Tellagraff, LLC.
Gorka Sadowski, Director of Global Strategic Alliances, Security Markets at Splunk, noted that "The BlackRidge App for Splunk extends the Splunk Enterprise platform helping enable end-to-end security context across the entire organization. This in turn helps SecOps and SOC analysts when hunting for and linking events to compromised insiders or rogue insiders and third party vendors.”
BlackRidge TAC Gateway App for Splunk is generally available to Splunk customers at no extra charge, and can be downloaded from Splunkbase at: splunkbase.splunk.com/app/2993/
About BlackRidge Technology
BlackRidge Technology provides an identity-based network and cyber security solution that stops cyber-attacks and protects against insider threats. Our First Packet Authentication™ technology was developed for the military to cloak and protect servers and segment networks. BlackRidge Transport Access Control authenticates user and device identity and applies policy on the first packet of network sessions. This provides a new level of real-time protection that blocks or redirects unauthorized and unidentified traffic to stop known and unknown cyber-attacks, protects against insider and third party threats, and provides identity attribution. BlackRidge Technology was founded in 2010 to commercialize its military grade and patented identity-based network security technology. For more information, visit www.blackridge.us.