Cyences App for Splunk
Complete visibility of your system's security status
As more and more customers were asking us to develop an all-in-one, user-friendly, and fully customizable application for them on Splunk to meet their unique needs, our Splunk product manager, Vatsal, realized that most of these requests revolved around cybersecurity, specifically for Security Operations Centers (SOCs) and Compliance. A decision was made to develop Cyences, an application designed to satisfy all these customer requests while simultaneously allowing us to focus on enhancing this application through a common customer development theme.
Cyences: Inspired by you, designed for you.
Cyences is a highly customizable application that empowers security teams with unparalleled visibility into their systems’ security status. It was created to become a seamless piece of the blue team arsenal for security engineers and administrators. The forensic interface is based on the MITRE ATT&CK framework to identify areas of concern quickly.
Key Benefits - Battle Cards
Comprehensive Visibility
Cyences provides a unified view of your entire security posture across all your systems and devices, closing the visibility gaps that leave organizations vulnerable.
MITRE ATT&CK-Driven Insights
Cyences goes beyond simply collecting data. It correlates information from multiple sources, utilizing the MITRE ATT&CK framework, to provide actionable insights that help you prioritize threats and take key actions.
Risk-based alerting (RBA)
Cyences intelligently filters and prioritizes alerts, enabling security teams to make informed decisions and respond effectively to the most critical threats.
Faster Response Times
By acting faster upon data ingestion, Cyences enables your team to take control of their security posture and minimize the impact of cybersecurity incidents.
Countermeasures
Cyences is integrated with our BlockShield technology, allowing operators to instantly block any attack across the entire organization, including cloud and on-premises environments.
Comprehensive Visibility
Cyences plays a crucial role within our Unified Cyber Management Center (UCMC). For more information on UCMC and its capabilities, please refer to our service overview.
The Cyences app provides a multitude of alerts and dashboards in the following categories:
Antivirus / Antimalware:
Cloud Tenancies:
Email:
Database:
Network Devices:
Vulnerability Scanners
Active Directory / Azure Active Directory
Linux / Unix
Authentication
DNS Tracker
VPN
Lansweeper
DUO
RSA Radius Authentication
Cyences has other unique first-in-the-market features on Splunk such as:
Alert Digest and Critical Email Alert:
Reduced Alert Spam:
- Users receive only the most crucial alerts immediately, preventing inbox overload.
- A daily digest email summarizes all medium and high-severity events, keeping users informed without constant interruptions.
Simplified Configuration:
- Users configure their email address once, eliminating the need to set up email notifications for each individual Splunk alert.
Centralized Alert Management:
- Cyences provides a single point for managing all critical and digest alerts, streamlining the alert notification process.
- Alert email notifications can be delivered based on the SOC and Compliance team category.
Device Inventory and Intelligence:
- The “Intelligence” dashboard provides valuable insights and context for investigating security incidents, making it easier to identify the root cause and take appropriate action.
User Inventory:
- Detailed User Metadata: Delivers crucial user-related metadata, such as user type (admin, standard, guest) and associated products, enabling deeper analysis and risk assessment.
Network Telemetry:
- Provides a live view of all devices and network communications.
User Guide
This section explains how to use the Cyences App.
Overview Dashboard
Forensics Dashboard
SOC Dashboard
Alerts & Dashboard
Intelligence
Installation and Configuration:
Cyences App Installation
Cyences App Configuration
Cyences App Alert Configuration
Download Cyences Today:
Cyences App for Splunk
Cyences Add-On for Splunk