BlueVoyant, a cyber security company that illuminates, validates, and remediates internal and external risks, has announced MXDR for Splunk at Splunk .conf23.

The new service integrates Splunk SIEM capabilities with SentinelOne EDR expertise to provide a cloud-native, fully integrated security solution enabling risk illumination, alert validation through multiple sources as well as remediation across multiple platforms including endpoint, IoT, cloud workloads and networks.

BlueVoyant's Next Generation content is designed to allow for rapid updates to meet ever-changing tactics and Risk Based Alerting, which thwarts attackers who try to use oft-benign actions to evade detection.

Anthony Giallombardo, Splunk Product Director, says, "MXDR for Splunk grants customers the best SIEM and EDR combination without the risks involved with integrating them internally.

"Splunk clients want to eliminate blind spots in their data silos, streamline operations and workflows, and reduce total cost of ownership without sacrificing the great observability capabilities Splunk provides. With MXDR for Splunk, they can do it all."

Key components of BlueVoyant's MXDR for Splunk include:

• Clients' ability to collect, monitor, and analyse security data across on-premises, hybrid, and multi-cloud environments in a single platform.
• Cloud-native SIEM (security information and event management) with real-time visibility to identify security threats and remediate them quickly.
• The reduction of client data burden by 20% or more with a proprietary Data Readiness model that improves data quality and reduces costs.
• The ability to triage 100% of threats and eliminate more than 90% of them with advanced automation to reduce risk and required resources.
• Rigorous Risk Based Alerting (RBA) alerts to warn clients of threat actors who use often benign activities that may lead to malicious intent.
• Continuous improvement of clients' Splunk instances delivering security content faster and better coverage amongst all data sources.
• The availability of numerous bundles of workshops, retainers, and PS services to help clients optimise, implement, manage, monitor, and protect their Splunk instance.

Splunk recognised BlueVoyant as a key MSP (managed service provider) partner with the new Premier Manage designation. BlueVoyant also earned core competency badges for Cloud Migration and Cloud Migration: Co-Delivery. The company has over 200 active Splunk certifications. In 2022, BlueVoyant expanded its Splunk go-to-market by including its offerings on the Amazon Web Services (AWS) Marketplace.

At Splunk .conf23, BlueVoyant delved into the ways organisations can maximise their investments leveraging MXDR for Splunk.

BlueVoyant combines internal and external cyber defence capabilities into an outcomes-based cloud-native platform by continuously monitoring a network, endpoints, attack surface, and supply chain, as well as the clear, deep, and dark web for threats.

The full-spectrum cyber defence platform illuminates, validates, and quickly remediates threats to protect your enterprise. BlueVoyant leverages both machine-learning-driven automation and human-led expertise to deliver industry-leading cybersecurity to more than 900 clients across the globe.