The Wall Street Journal this week reported on new additions to the Splunk App to enable easier, faster threat detection and containment by empowering users to assign risk scores to any data. The app also includes new features to help users connect and visualize data on the fly and introduces guided search to make security analytics more accessible to a broad range of users without requiring knowledge of programming languages or command syntax.Â
Any users? Do you think this will solidify Splunk's role in Gartner's Leader's quandrant?
I haven't used Splunk before, so my input here is just going to be my
initial thoughts.
It says the app "helps users connect and visualize data on the fly and
introduces guided search". I think this would be a great feature.
Organizations are always looking for a way to visualize their data because
it makes it easy to detect patterns and anomalies and also provides
valuable insight. Coupling this with the guided search part, this
definitely takes away the requirement of being a technically skilled person
to navigate through the data. This also ties in to another thing that I've
recently read, where one of the big challenges that organizations face is
dedicating resources to administer a SIEM, because they need to be properly
trained or skilled resources. But making analytics easy fixes that challenge.
Again, I haven't used Splunk before, but this addition might help it in its
run for the quandrant leadership.
Thanks.