Introduction to Splunk Secure Application

Discover security vulnerabilities in your applications.

Splunk Secure Application enables engineering teams to move from reactive vulnerability management to proactive defense without the complexity of switching between fragmented tools or deploying extra agents.

Secure Application seamlessly unifies security and observability within Splunk Observability Cloud. It continuously scans code and detects run-time vulnerabilities in real time using existing agents. By correlating detected security risks with application context (such as service, environment, and libraries) it helps to prevent exploits and defend applications. The contextual insights provided empower teams to accelerate secure code delivery, all without constant firefighting.

Splunk Secure Application is an add-on for Splunk APM.

Key features

Secure Application provides detailed security visibility through the following key features:

  • Enhanced SLA compliance: Run-time application vulnerabilities detection-based application context and risk.

  • Run-time visibility of application libraries with application context.

  • Reuse of existing Splunk APM agents for application security.

  • Alerting: Supports configuring notifications about new vulnerabilities associated with specific environments and services.

  • Export: Supports exporting the list of third-party libraries included in your application.

Requirements

  • You are a Splunk Observability Cloud user with a Splunk APM license.

  • You're using a Splunk Distribution of OpenTelemetry agent.

  • You're using the Splunk Distribution of OpenTelemetry Collector or the community (upstream) collector as described in Step 1: Deploy a supported OpenTelemetry Collector.

Supported language frameworks

  • Java