Splunk® Security Cloud

Security Cloud Suite

Overview of Splunk Security Cloud

Monitor, investigate, and respond with Splunk Security Cloud, an integrated portfolio of solutions for security operations teams. Splunk Security Cloud is available in Standard and Plus editions and pricing is based on protective devices. Protective devices refer to the number of devices or virtual machines that are active on one or more of the organization's networks or systems.

You may also use the InfoSec app for Splunk, an entry-level starter app for Splunk Security, to address the most common security use cases, including continuous monitoring and security investigations. The InfoSec app for Splunk also includes a number of advanced threat detection use cases that may be further expanded using available security resources like the Security Essentials (SSE) app. For more information on the InfoSec app for Splunk, see the following documentation links:

Each of the editions in Splunk Cloud Security suite corresponds to a specific set of discrete products that currently exist, each with its own set of features, capabilities, and limitations. Optionally, you can also add automation as an add-on feature to any of the suites.

| Edition | Description |
| --- | --- |
| Security Cloud Standard Edition | Gets started with security operations by centralizing all security relevant data, informing basic investigations, and standardizing initial response workflows. |
| Security Cloud Plus Edition | Upgrades the investigation base by leveraging default data models, frameworks, dashboards, and event correlations and providing investigation, analytics, and continuous monitoring capabilities. |
| Add-on Automation | Provides automation, security orchestration, and response capabilities, which reduces alert fatigue and enables security teams to focus on mission-critical tasks and respond to threats faster. |

The Splunk Security Cloud Suite allows you to purchase existing products under a common licensing unit. Therefore, the use cases for the Security Cloud suite are similar to those of the standalone products that are included within it.

For more information on the Enterprise Security use cases, see Enterprise Security use cases.

Last modified on 26 February, 2021

This documentation applies to the following versions of Splunk® Security Cloud: GA
