Resecurity (USA), a global cybersecurity and threat intelligence company trusted by Fortune 100 enterprises and government agencies, announced the implementation of a native integration with Splunk, delivered through a dedicated app published on Splunkbase.
This seamless integration enables organizations of any size to connect Resecurity’s cyber threat intelligence (CTI) with the Splunk global ecosystem, facilitating the timely ingestion of indicators of compromise (IOCs) and indicators of attack (IOA), along with ongoing enrichment of security events and logs within existing monitoring and investigation workflows.
Through the Splunk app, cybersecurity teams can ingest threat intelligence feeds from Resecurity into Security Information and Event Management (SIEM) and Security Operations Center (SOC), using industry-standard mechanisms such as the TAXII protocol. This enables organizations to incorporate actionable intelligence from Resecurity and correlate it with internal telemetry.
Once ingested, indexed threat intelligence data can be used to enrich logs and accelerate visibility by providing additional context for analysis, alerting, and investigation.
The app is available via Splunkbase and can be deployed within Splunk Enterprise environments, allowing organizations to configure unparalleled ingestion and data analysis based on their operational requirements:
Resecurity Threat Intelligence
https://splunkbase.splunk.com/app/8067
Resecurity continues to expand its integration ecosystem by supporting interoperability with widely adopted platforms and applications, enabling organizations to make effective use of threat intelligence in daily operations.
