
Alert Manager Enterprise 3.5 Released

Datapunctum
Sep 23rd, 2024
We're thrilled to announce the release of Alert Manager Enterprise (AME) Version 3.5, our premium Splunk app designed to supercharge your incident management and security operations. This update brings key enhancements that help organizations identify vulnerabilities faster, automate responses, and maintain compliance.
Revolutionizing Your Vulnerability Insights with Vulnerability Intelligence
At the core of AME 3.5 is our new Vulnerability Intelligence feature, a powerful tool for correlating vulnerabilities with asset intelligence, prioritizing exposures, and tracking remediation. It is available with an AME Security Pack Subscription (contact sales for an evaluation license). The feature ingests data from diverse sources indexed in Splunk: saved searches and the "Ingest Vulnerability Realizations" Alert Action capture vulnerability realizations (live instances of known vulnerabilities on specific assets), and AME Events are created based on realization rules.

[Figure: Vulnerability Intelligence Overview]
Key benefits include:
- Lifecycle Tracking: Manage vulnerabilities from detection to resolution, including exclusions for accepted risks and periodic reviews for standards like PCI-DSS, ISO 27001, and NIST.
- Staged Realizations: Identify issues on unknown assets to refine your observable inventory and reduce blind spots.
- Customization Options: Tailor CVE metadata, set tenant-specific auto-resolve rules, and configure data retention.
- Reporting Tools: Schedule customized reports with exactly the scope you need.

[Figure: AME Vulnerability Intelligence Workflow Diagram]
Smarter Notifications for Faster Responses
We've enhanced notifications with greater flexibility and integration. The new "Create AME Notification Alert Action" enables triggering parametrized notifications from Splunk searches for timely alerts.
Enhanced Observables for Better Asset Visibility
Observables in AME support Observable Reporting Groups, allowing nested organization based on attributes like region or network zones for hierarchical reporting. Use the "Ingest Observable Group" Alert Action to define groups from Splunk searches.
Upgrade to AME 3.5 Today and Elevate Your Security Posture
AME Version 3.5 delivers proactive security with Vulnerability Intelligence, smarter notifications, and enhanced observables. Learn more about Alert Manager Enterprise at https://alertmanager.app, download it on Splunkbase, or contact our sales team for details. At Datapunctum AG, we're committed to making Splunk work smarter for you.
Stay secure!