ESET announces major integration with Splunk SIEM

  • ESET PROTECT, including its Detection and Response capabilities, integrates seamlessly with Splunk SIEM.
  • This integration empowers security admins to benefit from endpoint protection data correlated with other security insights in Splunk, facilitating rapid investigation and automated workflows.
  • Easier aggregation of ESET detection events with broader security telemetry within Splunk ensures holistic insight and a way for security teams to do more with fewer tools and less manual work.

SAN FRANCISCO, April 28, 2025 (GLOBE NEWSWIRE) -- ESET, a global leader in cybersecurity solutions, today announced a new major integration of its ESET Endpoint Management Platform (ESET PROTECT) with Splunk, a leading security information and event management (SIEM) platform.

Security professionals often find themselves stretched thin due to a general lack of resources, including talent. This leaves room for incomplete visibility and delayed response, which can be devastating in an era of burgeoning cyber-attacks. Hence the demand for simpler workflows and greater efficiency, which in turn requires a different approach; this is why integrations have become critical.

At ESET, we’ve already integrated our ESET PROTECT Platform or its modules with multiple solutions such as Microsoft Sentinel, Stellar Cyber, or IBM QRadar, and we are continuing this journey with the Splunk SIEM.

Splunk is widely used for IT operations, security, and business analytics, helping organizations gain valuable insights from their data. It is designed for searching, monitoring, and analyzing machine-generated big data via a web-style interface. It captures, indexes, and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards, and visualizations. It supports a wide range of data sources and provides tools for data ingestion, processing, and visualization, making it a versatile solution for managing and interpreting large volumes of data efficiently.

The ESET PROTECT Platform, including its Detection and Response capabilities (ESET Inspect), integrates seamlessly with Splunk SIEM, enabling organizations to consolidate security alerts and telemetry into a single pane of glass by:

  • Streaming ESET endpoint alerts directly to Splunk in real time, allowing immediate correlation with firewall logs, IDS/IPS data, and user activity.
  • Allowing Splunk to query ESET for deeper endpoint insights and response actions, while ESET can leverage Splunk’s advanced analytics and customized detection rules.
  • Enabling Splunk’s alerting and workflow capabilities to automatically trigger containment and remediation actions.

To achieve all this, ESET is supporting two approaches to data sharing:

  • Syslog-based integration – ESET PROTECT can export syslog-format events to Splunk.
  • API-based integration – ESET provides REST APIs allowing Splunk to query and pull relevant security events and telemetry directly.

Thanks to our varied data sharing methods, we can cater to diverse client architectures, leaving no one behind when it comes to their security needs or wants. Businesses of any size can benefit here, achieving a prevention-first security posture with a streamlined approach to threat response.

“At ESET, we are committed to improving our customers’ experience. This integration can augment their existing security toolset, supplying ESET threat data with network and user activity logs, enabling faster threat detection without the need to hop between multiple consoles,” said Pavol Šalátek, Director of Global Business Partnerships and Alliances at ESET. “This is also a boon for MSPs, which can integrate ESET data into their existing Splunk environments, offering advanced detection and response services for their diverse clientele,” he added.

Security analysts, incident responders and IT admins will find that the award-winning ESET PROTECT Platform, with its low impact on performance and its deep insight into devices, can enhance any existing setup, reducing risk and satisfying both business leadership and regulatory compliance requirements.

Learn more about the way we approach integrations on our dedicated ESET integrations webpage.

Discover more about the ESET PROTECT Platform’s comprehensive power.

Find out how Splunk enhances threat response.

About ESET

ESET® provides cutting-edge digital security to prevent attacks before they happen. By combining the power of AI and human expertise, ESET stays ahead of emerging global cyberthreats, both known and unknown, securing businesses, critical infrastructure, and individuals. Whether it’s endpoint, cloud, or mobile protection, our AI-native, cloud-first solutions and services remain highly effective and easy to use. ESET technology includes robust detection and response, ultra-secure encryption, and multifactor authentication. With 24/7 real-time defense and strong local support, we keep users safe and businesses running without interruption. The ever-evolving digital landscape demands a progressive approach to security: ESET is committed to world-class research and powerful threat intelligence, backed by R&D centers and a strong global partner network. For more information, visit www.eset.com or follow our social media, podcasts and blogs.


Media contact:
Jessica Beffa
jessica.beffa@eset.com
720-413-4938