Benefits
  • Expedite deployment and configuration following best practices
  • Metrics designed to meet your security controls
  • Enrichment and risk rules designed to fit your business
  • Knowledge transfer to ensure continued success
Contact Us

    Name*

    Email*

    Company*

    Splunk Asset and Risk Intelligence Quick Start

    Splunk Asset and Risk Intelligence (ARI) provides proactive risk mitigation through continuous asset discovery and compliance monitoring.

    Our Splunk Asset and Risk Intelligence Quick Start offering is the best way to expedite your implementation of Splunk ARI and ensure that it meets and exceeds your organizational goals and objectives.

    Our team of subject matter experts will work with you to configure and tailor Splunk ARI to your business requirements, ensuring you are successful from the start and setting you up for continued success.

    Timing

    Day 1: Installation & Configuration

    Data source configuration
    Metric configuration
    Integration with Enterprise Security (if applicable)
    User and Administrator knowledge transfer

    Day 2 (Scheduled one week after Day 1)

    Configuration of asset enrichment rules
    Configuration of asset risk rules
    Tuning of data sources and metrics
    User and Administrator knowledge transfer

    Day 3 (Scheduled one month after Day 2)

    Tuning of data sources
    Tuning of metrics
    Tuning of enrichment and risk rules
    User and Administrator knowledge transfer

    Scope
    INCLUDED DETAILS
    Data sources Configuration of up to 7 data sources
    Metrics Configuration of up to 5 metrics
    Rules Configuration of up to 5 asset enrichment rules
    Configuration of up to 3 asset risk rules
    Frameworks Configuration of up to 2 known (out-of-the-box) cybersecurity frameworks
    Integration Integration with Enterprise Security (if applicable)
    Prerequisites
    • Splunk ARI application installed and available
    • Data sources identified and onboarded in Splunk
    • Data sources should be CIM compliant
    • Company subnet inventory (if available) for configuration with ARI
    • Company user directory available for configuration within ARI
    • Relevant contextual information on assets (e.g. naming conventions)
    • Consultant access provisioned

    Out of Scope
    • Custom metrics or metric report creation
    • ARI Echo implementation and configuration
    • Third-party CMDB integration (e.g. ServiceNow)