
ESET announces major integration with Splunk SIEM

  • ESET PROTECT, including its Detection and Response capabilities, integrates seamlessly with Splunk SIEM.
  • This integration empowers security admins to benefit from endpoint protection data correlated with other security insights in Splunk, facilitating rapid investigation and automated workflows.
  • Easier aggregation of ESET detection events with broader security telemetry within Splunk ensures holistic insight and a way for security teams to do more with fewer tools and less manual work.

BRATISLAVA, April 28, 2025 — ESET, a global leader in cybersecurity solutions, today announced a new major integration of its ESET Endpoint Management Platform (ESET PROTECT) with Splunk, a leading security information and event management (SIEM) platform.

Security professionals often find themselves stretched thin due to a general lack of resources, including talent. This creates opportunities for incomplete visibility and delayed response, which can be devastating in an era of burgeoning cyber-attacks. There is therefore a demand for simpler workflows and greater efficiency. Meeting that demand, though, requires a different approach, which is why integrations have become critical.

At ESET, we’ve already integrated our ESET PROTECT Platform or its modules with multiple solutions such as Microsoft Sentinel, Stellar Cyber, or IBM QRadar, and we are continuing this journey with the Splunk SIEM.

Splunk is widely used for IT operations, security, and business analytics, helping organizations gain valuable insights from their data. It is designed for searching, monitoring, and analyzing machine-generated big data via a web-style interface. It captures, indexes, and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards, and visualizations. It supports a wide range of data sources and provides tools for data ingestion, processing, and visualization, making it a versatile solution for managing and interpreting large volumes of data efficiently.

The ESET PROTECT Platform, including its Detection and Response capabilities (ESET Inspect), integrates seamlessly with Splunk SIEM, enabling organizations to consolidate security alerts and telemetry into a single pane of glass by:

  • Streaming ESET endpoint alerts directly to Splunk in real-time, allowing for immediate correlation with firewall logs, IDS/IPS data, and user activities.
  • Allowing Splunk to query ESET for deeper endpoint insights and response actions, while ESET leverages Splunk’s advanced analytics and customized detection rules.
  • Letting Splunk’s alerting and workflow capabilities automatically trigger containment and remediation actions.

To achieve all this, ESET is supporting two approaches to data sharing:

  • Syslog-based integration – ESET PROTECT can export syslog-format events to Splunk.
  • API-based integration – ESET provides REST APIs allowing Splunk to query and pull relevant security events and telemetry directly.

Thanks to our varied data sharing methods, we can cater to diverse client architectures, leaving no one behind when it comes to their security needs or wants. Businesses of any size can benefit here, achieving a prevention-first security posture with a streamlined approach to threat response.

“At ESET, we are committed to improving our customers’ experience. This integration can augment their existing security toolset, supplying ESET threat data with network and user activity logs, enabling faster threat detection without the need to hop between multiple consoles,” said Pavol Šalátek, Director of Global Business Partnerships and Alliances at ESET. “This is also a boon for MSPs, which can integrate ESET data into their existing Splunk environments, offering advanced detection and response services for their diverse clientele,” he added.

Security analysts, incident responders and IT admins will find that the award-winning ESET PROTECT Platform, with its low impact on performance and its capability to offer deep insight into devices, can enhance any existing setup, leading to risk reduction and satisfying both business leadership and regulatory compliance.

Learn more about the way we approach integrations on our dedicated ESET integrations webpage.

Discover more about the ESET PROTECT Platform’s comprehensive power.

Find out how Splunk enhances threat response.


About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
