Spectorsoft Announces Splunk Enterprise Connector to Deter and Detect Insider Threats Within Big Data Environments

VERO BEACH, FL — October 7, 2014 — SpectorSoft, a leader in the user activity monitoring and analysis market, today announced a connector for Splunk Enterprise from Splunk Inc. (NASDAQ: SPLK), the leading software platform for real-time operational intelligence with more than 7,900 customers, including more than half of the Fortune 100. The new connector enables Spector 360 to deliver user activity data and alerts to Splunk implementations so IT security operations teams can rapidly detect and deter insider threats including security breaches, data theft and fraud. Joint customers gain greater visibility into potential insider threats with rapid correlation of computer and network activity data with employee activity data within the Splunk console.

This is especially crucial now, because insider threats are on the rise. Our recent SpectorSoft 2014 Insider Threat Survey revealed that approximately 65 percent of IT respondents reported they had experienced an insider attack, but with an estimated 75 percent of all insider crimes going unnoticed, a large majority of organizations likely have been affected. Insider threats are notoriously difficult to detect, but Spector 360 helps Splunk users identify the subtle human behavioral patterns that indicate improper use of authorized access—from phrases used in email to the moving of IP to a personal cloud—and initiate further investigation or immediate action. Spector 360 brings visibility into user actions performed within applications, behind encryption or on cloud-based solutions.

Spector 360 empowers IT security teams to detect insider threat activity because it flows detected indicators to Splunk as event alerts. If an alert warrants a closer look, Splunk adminstrators can quickly review activity in context by checking the Spector 360 database for details on user or group activity and then take appropriate action.

“Insider threats are not easy to detect, as they involve individuals that have been granted proper access but use that access improperly. By including user activity data and alerts from Spector 360 in Splunk implementations, our customers can reduce the risk of security breaches, data theft and Fraud,” said Mike Tierney, COO of SpectorSoft. “This adds a dimension of analysis that enables data from computer and network activity to be correlated with employee activity data, providing a level of insight that is unprecendented in the industry and ultimately protects a company‘s valuable assets.”

The Spector 360 connector for Splunk Enterprise is generally available and can be downloaded here: http://apps.splunk.com/app/1768/

SpectorSoft is a Level 3 sponsor of the Fifth Annual Splunk Worldwide Users’ Conference .conf2014 being held October 6–9 at the MGM Grand Las Vegas. .conf2014 features more than 150 sessions, including more than 70 customer presentations and is expected to attract more than 4,000 IT and business professionals. SpectorSoft will be in booth A3.