Splunk users can leverage SpyCloud in their existing workflows with SpyCloud’s various APIs.
SpyCloud Add-On & Application for Splunk
The Add-On and Application for Splunk allows users to download SpyCloud’s breach alerts directly into Splunk so they can take action immediately. It uses the customer’s configured SpyCloud watchlist [domain(s), email(s), and IP address(es)] when determining what data to download into Splunk. The Add-On and Application setup requires the user to specify the index to use when storing data and a valid SpyCloud API Key. It pulls data on a predefined, adjustable daily schedule.
SpyCloud Investigations App for Splunk
The SpyCloud Investigations App enables Splunk users to uncover the true identities of specific criminals, profile criminal targets, determine the origin of attacks, research criminal campaigns, and understand user risk, from reused credentials to malware infections. The app includes a GUI for ad-hoc searching and downloading of data. It also includes two custom search commands that let a customer use SpyCloud’s dataset from within Splunk queries.
“Splunk scripts pull in the SpyCloud data automatically to provide instant visibility into which students’ or staffs’ credentials have been exposed. The quantity and quality of their data is amazing, we’ve never seen anything like it.”
– Large U.S. University
The new way to fight cybercrime.
SpyCloud turns the tables by making darknet data work for you. We detect when your employee and customer credentials, cookies, PII and other critical stolen assets are in the hands of cybercriminals and automate remediation to reduce your risk of cyberattacks.
Don’t see your preferred technology vendor?
SpyCloud’s solutions aim to support a vendor-agnostic technology ecosystem that maximizes enterprise extensibility. Contact us to learn more about custom integrations.