scroll it

Break Your Pentesting Data Out of Its Silo with Synack and Splunk

Greg Copeland
0% read

Penetration testing (or pentesting) is a powerful method helping security teams to identify and remediate security issues in applications and infrastructure before attackers can act. Unfortunately, results of pentesting have typically been siloed to teams responsible for application security testing or compliance, limiting the potential to drive proactive efforts to improve enterprise security posture. 

Synack’s integration with Splunk Enterprise and Splunk Cloud addresses this challenge by unlocking the strategic value of pentesting data to make it actionable for continuous security improvement efforts.

To support the assumption of the pentesting results silo, let’s review some data. In a forthcoming report, Synack, in partnership with TechTarget’s Enterprise Security Group, surveyed 200 security decision-makers to evaluate enterprise usage of pentesting solutions and their effectiveness. 

Responses showed that pentesting was considered a best practice to assess and mitigate risk (55%), assist in incident response (52%), and as a tool to tactically discover and remediate vulnerabilities (51%). 

But notably, only 32% of organizations reported using pentesting data to proactively improve overall security and posture. And no wonder, 66% of those same organizations said they found pentesting reports or data difficult to operationalize into security operations processes, while 62% reported finding them difficult to integrate into other data or reports to assess overall organizational risk. 

Synack’s Pentesting as a Service offers an alternative to traditional pentesting reports, which are typically delivered as static, annual PDF reports. Instead, dynamic strategic testing data is  available continuously and on-demand to keep pace with the rapid rate of change in modern agile application development environments. Synack’s PTaaS results are available 24/7 in our platform and can also be integrated into the Synack App for Splunk

In the past, security testing data was typically siloed within specialized groups, such as application security red teams, and not made an integral part of an organization’s day-to-day security operations. By exposing, visualizing and continuously updating Synack PTaaS data in Splunk, organizations can find and fix more security gaps before bad actors do. 

Results of security tests can also be searched alongside production security monitoring data to identify instances where threats are already present, and recommendations from Synack tests can provide security blue teams an immediate path to remediation.

The Synack App for Splunk makes it easy to filter and pivot results of vulnerabilities by category, severity, impact and breadth. It’s not just CVE numbers that are submitted but also a detailed report of what was tested, how the Synack Red Team breached the defense and what is recommended for remediation. If a CISO asks whether a particular exploit has been tested, the answer can be found quickly and the full context and remediation details are provided at the same time.

The integration also makes it easier to track the effectiveness of remediation efforts, reporting on metrics such as number of days to remediation and patch efficacy, allowing the SecOps team to verify and prove that they are closing security gaps quickly and effectively. Teams can filter and search to see whether different types of vulnerabilities are on the rise or decline, offering guidance about which areas security operations warrant more attention. 

By breaking pentesting data out of its silo, the Synack App for Splunk brings more value to the broader SecOps organization and makes data actionable for proactive and continuous enterprise security posture improvement. 

The Synack App for Splunk, compatible with Splunk Enterprise and Splunk Cloud, is available and can be leveraged by customers with valid Synack and Splunk subscriptions. Not yet a Synack customer? Request a demo today to learn more about the value of Synack PTaaS.

Attending Splunk .conf24 on June 11-13 in Las Vegas? Stop by the Synack booth for an in-person demo and to talk to a product expert.