BlueVoyant, a cybersecurity company focused on remediation of internal and external risks, has announced MXDR for Splunk.
The new service integrates Splunk SIEM capabilities with SentinelOne EDR expertise to provide a cloud-native, fully integrated security solution enabling risk illumination, alert validation through multiple sources as well as remediation across multiple platforms including endpoint, IoT, cloud workloads and networks.
BlueVoyant’s Next Generation content allows for rapid updates to meet ever-changing tactics and Risk Based Alerting, which thwarts attackers who try to use oft-benign actions to evade detection.
Anthony Giallombardo, Splunk Product Director, comments, “MXDR for Splunk grants customers the best SIEM and EDR combination without the risks involved with integrating them internally.
“Splunk clients want to eliminate blind spots in their data silos, streamline operations and workflows, and reduce total cost of ownership without sacrificing the great observability capabilities Splunk provides. With MXDR for Splunk, they can do it all.”
Key components of BlueVoyant’s MXDR for Splunk include the following:
- Clients’ ability to collect, monitor, and analyse security data across on-premises, hybrid, and multi-cloud environments in a single platform.
- Cloud-native SIEM (security information and event management) with real-time visibility to identify security threats and remediate them quickly.
- The reduction of client data burden by 20% or more with a proprietary Data Readiness model that improves data quality and reduces costs.
- The ability to triage 100% of threats and eliminate more than 90% of them with advanced automation to reduce risk and required resources.
- Rigorous Risk Based Alerting (RBA) alerts to warn clients of threat actors who use often benign activities that may lead to malicious intent.
- Continuous improvement of clients’ Splunk instances delivering security content faster and better coverage amongst all data sources.
- The availability of numerous bundles of workshops, retainers, and PS services to help clients optimize, implement, manage, monitor, and protect their Splunk instance.
Splunk recognised BlueVoyant as a key MSP (managed service provider) partner with the new Premier Manage designation. BlueVoyant also earned core competency badges for Cloud Migration and Cloud Migration: Co-Delivery. The company has more 200 active Splunk certifications.
In 2022, BlueVoyant expanded its Splunk go-to-market by including its offerings on the Amazon Web Services (AWS) Marketplace.
At the core, BlueVoyant brings together internal and external cyber defense capabilities into an outcomes-based cloud-native platform by continuously monitoring network, endpoints, attack surface, and supply chain, as well as the clear, deep, and dark web for threats.
The full-spectrum cyber defense platform is designed to illuminate, validate, and remediate threats to protect an enterprise. BlueVoyant leverages both machine-learning-driven automation and human-led expertise to deliver cybersecurity to more than 900 clients across the globe.