What's new in Splunk Security Essentials
This release of Splunk Security Essentials includes the following enhancements.
What's new in 3.8.0
New Feature or Enhancement | Description |
---|---|
MITRE ATT&CK Benchmark dashboard | The new MITRE ATT&CK Benchmark dashboard contains a list of the top 20 techniques seen in threat reports. Use the dashboard to check how the detections in your environment stack up against these techniques. See The MITRE ATT&CK Benchmark dashboard in the Use Splunk Security Essentials manual for more information. |
Updated Security Data Journey | The former 6-stage journey has been replaced with 4 levels: Foundational data insights, Data exploration and automation, Enhanced insights and analytics, and Unified TDIR. You can use these new Security Data Journey levels as filters on the Security Content page. To navigate to the updated Security Data Journey, from Splunk Security Essentials select Data and then Security Data Journey. |
New Splunk Enterprise Security Content Update API endpoint | The Splunk Enterprise Security Content Update (ESCU) endpoint was replaced by a new API endpoint in Splunk Security Essentials version 3.8.0. If you are using Splunk Security Essentials version 3.7.1 or lower, you won't be able to update to the latest ESCU version without first upgrading to Splunk Security Essentials version 3.8.0. The last ESCU version supported on Splunk Security Essentials version 3.7.1 is 4.22.0. |
Product icon updates | Splunk Security Essentials now uses updated product icons for the originating apps of content. |
Page load performance improvement | The page load time for the Security Content page has improved so that hundreds of detections are now visible within seconds. |
This documentation applies to the following versions of Splunk® Security Essentials: 3.8.0