Introducing the Rapid7 InsightConnect App for Splunk

Introducing the Rapid7 InsightConnect App for Splunk

Rapid7 is excited to announce our new integration between InsightConnect and Splunk. With the new Rapid7 InsightConnect App for Splunk, users can now send alerts directly from their Splunk instance to a Rapid7 InsightConnect workflow—all automatically and without any user intervention.


What is InsightConnect?


InsightConnect is Rapid7’s Security Orchestration, Automation and Response (SOAR) solution that is purpose built to accelerate your teams and tools through automation. This SOAR tool helps accelerate and streamline time-intensive processes to free up your team to tackle other challenges. InsightConnect does this by connecting your tools together so that each tool is used to its max potential, connecting the dots between them to better inform your security teams and enrich your data and security alerts. This leads to a major improvement in operational efficiency.


Getting started with the InsightConnect App for Splunk


Setup is quick and easy, and spending time manually analyzing Splunk logs will be a thing of the past with the new InsightConnect workflow integration. For example, this integration will allow you to send alerts directly from Splunk to an InsightConnect workflow and automatically enrich information with alerts, such as SSH attempts. In addition, you will be able to take action automatically, such as blocking bad-actor IP addresses, and create Jira tickets directly from alert for future follow-up.


In addition to our new Splunk offering, we are also releasing to InsightConnect customers a new version of the Splunk plugin, complete with improvements and fixes to fulfill all your work ..

Support the originator by clicking the read the rest link below.