SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers

Splunk utilises AI tools for tighter security, observability

Fri, 21st Jun 2024

Splunk has announced a variety of AI tools aimed at improving IT visibility and proactive threat mitigation for organisations.

The new AI-powered Assistants, revealed today, are designed to help users swiftly derive insights from data, enhancing their routine tasks and overall efficiency.

The company's latest innovations feature generative AI Assistants integrated within its Observability Cloud and Security offerings. The move is set to provide customers with advanced tools for quicker detection, exploration, and investigation, ultimately boosting operational efficiency and security.

"AI is the cornerstone of Splunk's strategy for driving enhancements with our industry-leading security and observability solutions," Splunk's VP of AI, Hao Yang, told TechDay.

"Our AI Assistants are designed to help users do their jobs easier and faster. We are currently adding generative AI tools to our product portfolio to accelerate detection, investigation and response workflows. Looking ahead, we aim to further refine the integration of advanced AI technologies and continue to deliver more reliable and more secure IT outcomes for our customers."

AI Assistants in Observability Cloud and Security
The new AI Assistant in Observability Cloud aims to simplify the tasks of engineering teams through a natural language interface. It analyses metrics, traces, and logs to provide software developers and Site Reliability Engineers (SREs) with quick, valuable insights.

This reduces the expertise required for problem-solving, making troubleshooting and data exploration more accessible and efficient.

Additionally, Splunk has introduced the AI Assistant in Security, which leverages generative AI capabilities to expedite security analysts' investigations.

This assistant offers workflow guidance and summarises incident data, generating security-specific Splunk Search Processing Language (SPL) queries to accelerate response times. These enhancements empower analysts to strengthen defences against evolving threats with more streamlined processes.

Accelerating Data Understanding with AI Assistant for SPL
The Splunk AI Assistant for SPL is now generally available, offering customers the ability to interact with Splunk's data analytics platform using natural language.

This tool bridges the gap between human intuition and machine-driven analytics, allowing analysts to execute complex analyses, understand SPL queries, and search product documentation for how-to questions.

By translating between natural language and SPL queries, this assistant improves productivity and decision-making, enabling organisations to optimise data analysis and incident response.

"We are integrating AI capabilities into our solutions," VP of AI & Big Data Division at LG Electronics Bongsu Cho said.

"More than ever before, it's a competitive advantage to quickly and efficiently gain critical insights from your data which significantly enhances operational efficiency and proactive threat mitigation, ensuring robust digital resilience. A strategic AI approach across solutions ultimately drives innovation and strengthens business continuity in an increasingly complex digital landscape."

Enhancements in IT Service Intelligence (ITSI)
At Cisco Live, Splunk introduced a new Configuration Assistant for its IT Service Intelligence (ITSI) solution.

This assistant utilises advanced AI and machine learning to manage and optimise configurations, providing insights into the health of ITSI knowledge objects such as KPIs, services, and entities. It offers a centralised console to help IT administrators maintain accurate alerting, optimising threshold models and reducing false positive alerts.

Splunk also announced Drift Detection for KPIs and entity-level Adaptive Thresholds as part of ITSI.

Drift Detection helps users identify potential issues by monitoring KPIs for gradual changes or sudden deviations from normal patterns. The entity-level Adaptive Thresholds feature allows for dynamic baselines at an entity level, generating alerts for abnormal behaviour. Both features are currently in public preview.

Product Availability
The AI Assistant in Observability Cloud is now in private preview, while the AI Assistant in Security will be available in private preview starting August 2024.

The Splunk AI Assistant for SPL is generally available to Splunk Cloud Platform customers with AWS globally.

IT Service Intelligence (ITSI) and its Configuration Assistant feature are also generally available, with Drift Detection for KPIs and entity-level Adaptive Thresholds in public preview.
