https://community.splunk.com/t5/All-Apps-and-Add-ons/Are-Splunkbase-apps-safe/m-p/602545#M77050 <P>Some relevant links:</P><P><A href="https://dev.splunk.com/enterprise/docs/developapps/testvalidate/appinspect/" target="_self">appinspect</A>&nbsp;</P><P><A href="https://dev.splunk.com/enterprise/docs/releaseapps/splunkbase/" target="_self">releasing apps</A>&nbsp;</P><P><A href="https://dev.splunk.com/enterprise/docs/releaseapps/cloudvetting/" target="_self">cloud vetting</A>&nbsp;</P> Tue, 21 Jun 2022 06:56:41 GMT johnwww 2022-06-21T06:56:41Z https://community.splunk.com/t5/All-Apps-and-Add-ons/Are-Splunkbase-apps-safe/m-p/602519#M77044 <P>There are many app in&nbsp;Splunkbase some from well known companies and developers, so I assume those are safe. What about other apps? Are they reviewed by Splunk before being published?</P> Tue, 21 Jun 2022 06:03:46 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/Are-Splunkbase-apps-safe/m-p/602519#M77044 johnwww 2022-06-21T06:03:46Z https://community.splunk.com/t5/All-Apps-and-Add-ons/Are-Splunkbase-apps-safe/m-p/602528#M77045 <P>Hi&nbsp;<a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/247046">@johnwww</a>,</P><P>when an App is uploaded in Splunkbase it's subjected to many controls, especially on scripts, for my knowledge they are safe, for more infos, you can see at&nbsp;<A href="https://www.splunk.com/en_us/legal/terms/terms-of-use.html?301=/en_us/terms-of-use.html&amp;301=/view/SP-CAAAAAH" target="_blank">https://www.splunk.com/en_us/legal/terms/terms-of-use.html?301=/en_us/terms-of-use.html&amp;301=/view/SP-CAAAAAH</A>&nbsp;all the terms of use.</P><P>In addition, here <A href="https://www.splunk.com/en_us/legal/export-controls.html?301=/en_us/export-controls.html&amp;301=/view/SP-CAAAGSX" target="_blank">https://www.splunk.com/en_us/legal/export-controls.html?301=/en_us/export-controls.html&amp;301=/view/SP-CAAAGSX</A> you can find the Export Controls.</P><P>Ciao.</P><P>Giuseppe</P><P>&nbsp;</P> Tue, 21 Jun 2022 06:23:07 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/Are-Splunkbase-apps-safe/m-p/602528#M77045 gcusello 2022-06-21T06:23:07Z https://community.splunk.com/t5/All-Apps-and-Add-ons/Are-Splunkbase-apps-safe/m-p/602531#M77046 <P>Hi</P><P>My expectations are that Splunk do only automatically technical review e.g. by appinspect to ensure that those apps are following their best practices and minimum requirements. But they are not doing any code review or other security related analysis for those. Personally if I need to take some app from "non big brand" I do those reviews by myself and/or try to found any reviews about it. And please remember it's your own decision and your responsibility to choose those. No warranty from anyone else.</P><P>r. Ismo</P> Tue, 21 Jun 2022 06:28:00 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/Are-Splunkbase-apps-safe/m-p/602531#M77046 isoutamo 2022-06-21T06:28:00Z https://community.splunk.com/t5/All-Apps-and-Add-ons/Are-Splunkbase-apps-safe/m-p/602533#M77047 <P><a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/247046">@johnwww</a>&nbsp;- Long story short.</P><P>Yes, they are validated by Splunk but not by Security Penetration testers.</P><P>So use with caution. Or you can check them by yourself, when you download the App you will get the code as well, you can validate them by yourself if you want.</P><P>&nbsp;</P><P>I hope this helps!!!</P> Tue, 21 Jun 2022 06:32:04 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/Are-Splunkbase-apps-safe/m-p/602533#M77047 VatsalJagani 2022-06-21T06:32:04Z https://community.splunk.com/t5/All-Apps-and-Add-ons/Are-Splunkbase-apps-safe/m-p/602536#M77048 <P>There is <U>always</U> a risk if you run a third-party written software. Not necessarily due to malice but maybe due to mistakes and sloppy programming.</P><P>My own private policy is that I trust apps built by Splunk, I am cautious towards apps written by solution vendors (like checkpoint-supplied app for checkpoint appliances) because they often don't know Splunk well enough and make too much false assumptions about your environment. And I unpack and manually look into other apps.</P><P>That's in production environment. I have slightly more relaxed approach in my home setup.</P> Tue, 21 Jun 2022 06:36:17 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/Are-Splunkbase-apps-safe/m-p/602536#M77048 PickleRick 2022-06-21T06:36:17Z https://community.splunk.com/t5/All-Apps-and-Add-ons/Are-Splunkbase-apps-safe/m-p/602542#M77049 <P><A href="https://www.splunk.com/en_us/legal/terms/terms-of-use.html?301=/en_us/terms-of-use.html&amp;301=/view/SP-CAAAAAH&amp;_gl=1*1syjo81*_ga*ODY3MTY1OTk1LjE2NTU3OTA2Njc.*_gid*MTk0NTAzMjQyNy4xNjU1NzkwNjY4&amp;_ga=2.232318943.1945032427.1655790668-867165995.1655790667" target="_self">Terms</A></P><BLOCKQUOTE><SPAN>Splunk does not control the Community Content, identified in section 4.3 (</SPAN><STRONG><I>“Community Content”</I></STRONG><SPAN>) posted on the Site and, as such, does not guarantee the accuracy, integrity or quality of such Community Content</SPAN><HR /></BLOCKQUOTE><P>&nbsp;</P> Tue, 21 Jun 2022 06:47:57 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/Are-Splunkbase-apps-safe/m-p/602542#M77049 johnwww 2022-06-21T06:47:57Z https://community.splunk.com/t5/All-Apps-and-Add-ons/Are-Splunkbase-apps-safe/m-p/602545#M77050 <P>Some relevant links:</P><P><A href="https://dev.splunk.com/enterprise/docs/developapps/testvalidate/appinspect/" target="_self">appinspect</A>&nbsp;</P><P><A href="https://dev.splunk.com/enterprise/docs/releaseapps/splunkbase/" target="_self">releasing apps</A>&nbsp;</P><P><A href="https://dev.splunk.com/enterprise/docs/releaseapps/cloudvetting/" target="_self">cloud vetting</A>&nbsp;</P> Tue, 21 Jun 2022 06:56:41 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/Are-Splunkbase-apps-safe/m-p/602545#M77050 johnwww 2022-06-21T06:56:41Z