Close this search box.

SpyCloud Investigations App is now Live in Splunkbase


The SpyCloud Investigations App for Splunk, available in the Splunkbase marketplace, enables users to explore criminal activity through the lens of recaptured data and provides seamless access to SpyCloud’s industry-leading, billions of recaptured darknet assets into your Splunk environment to assist with cybercrime and fraud investigations. 

With the app, Splunk users can uncover the the true identities of specific criminals, profile criminal targets, determine the origin of data used in credential stuffing attacks and identify the exposure of public applications to botnet credential stealers, research criminal campaigns (including the breadth and nature of malicious campaigns), and understand user risk from reused credentials to malware infections. The app includes a GUI for ad-hoc searching and downloading of data. Additionally, two custom search commands are included that allow a customer to use SpyCloud’s dataset from within Splunk queries. 

“With this integration we offer joint users a seamless way to leverage the power of SpyCloud’s Cybercrime Analytics to accelerate cybercrime investigations directly in Splunk.

CW Walker, Director of Security Product Strategy at SpyCloud.

“By having a way to naturally pivot and search inside Splunk natively, SpyCloud dramatically decreases context switching while increasing visibility, flexibility, and speed at the same time.”

With access to SpyCloud’s billions of recaptured data assets from the dark web, users can access a simple API that unlocks a robust collection of compromised data from past and active exposures in a centralized location – dramatically increasing the attack surface visibility and decreasing discovery and remediation times for security teams. This latest integration enables teams to easily and rapidly make informed decisions throughout the investigation lifecycle to prevent fraudulent activity and mitigate cybercrime attacks.

To learn more about how you can integrate this application into your existing Splunk platform, visit

Recent Posts

Check Your Company's Exposure

See your real-time exposure details powered by SpyCloud.

Meet SpyCloud at Black Hat — Booth #4424!   Book a meeting →

Close this search box.