Knowledge Management

Attack surface management using Splunk- Is there any way to achieve this?



Customer is looking for attack surface management using Splunk. Is there any way around to achieve this if yes how this could be achieved in terms of any app/add-on or 3rd party solution? Your answer would really be appreciated. Thanks in advance

Labels (1)
Tags (2)
0 Karma


What exactly is the customer looking for Splunk to do?  Which attack surface do they want to manage, Splunk's or some other one?  Keep in mind that Splunk is a monitor, not a manager, but there may be a solution (perhaps using SOAR) depending what the customer is trying to do.

If this reply helps you, Karma would be appreciated.
0 Karma
Get Updates on the Splunk Community!

Splunk Cloud | Empowering Splunk Administrators with Admin Config Service (ACS)

Greetings, Splunk Cloud Admins and Splunk enthusiasts! The Admin Configuration Service (ACS) team is excited ...

Tech Talk | One Log to Rule Them All

One log to rule them all: how you can centralize your troubleshooting with Splunk logs We know how important ...

Splunk Security Content for Threat Detection & Response, Q1 Roundup

Join Principal Threat Researcher, Michael Haag, as he walks through: An introduction to the Splunk Threat ...