ESET announces major integration with Splunk SIEM
Created: 2025-04-29 03:47:36
- ESET PROTECT, including its Detection and Response capabilities, integrates seamlessly with Splunk SIEM.
- This integration empowers security admins to benefit from endpoint protection data correlated with other security insights in Splunk, facilitating rapid investigation and automated workflows.
- Easier aggregation of ESET detection events with broader security telemetry within Splunk gives security teams holistic insight and lets them do more with fewer tools and less manual work.
BRATISLAVA — April 28, 2025 — ESET, a global leader in cybersecurity solutions, today announced a new major integration of its ESET Endpoint Management Platform (ESET PROTECT) with Splunk, a leading security information and event management (SIEM) platform.
Security professionals are often stretched thin by a general shortage of resources, talent included. The result is incomplete visibility and delayed response, which can be devastating in an era of burgeoning cyber-attacks. Hence the demand for simpler workflows and greater efficiency, which in turn calls for a different approach; that is why integrations have become critical.
At ESET, we’ve already integrated our ESET PROTECT Platform or its modules with multiple solutions such as Microsoft Sentinel, Stellar Cyber, or IBM QRadar, and we are continuing this journey with the Splunk SIEM.
Splunk is widely used for IT operations, security, and business analytics, helping organizations gain valuable insights from their data. It is designed for searching, monitoring, and analyzing machine-generated big data via a web-style interface. It captures, indexes, and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards, and visualizations. It supports a wide range of data sources and provides tools for data ingestion, processing, and visualization, making it a versatile solution for managing and interpreting large volumes of data efficiently.
The ESET PROTECT Platform, including its Detection and Response capabilities (ESET Inspect), integrates seamlessly with Splunk SIEM, enabling organizations to consolidate security alerts and telemetry into a single pane of glass by:
- Streaming ESET endpoint alerts to Splunk in real time, allowing immediate correlation with firewall logs, IDS/IPS data, and user activity.
- Letting Splunk query ESET for deeper endpoint insights and response actions, while ESET benefits from Splunk’s advanced analytics and customized detection rules.
- Using Splunk’s alerting and workflow capabilities to automatically trigger containment and remediation actions.
To achieve this, ESET supports two approaches to data sharing:
- Syslog-based integration – ESET PROTECT can export syslog-format events to Splunk.
- API-based integration – ESET provides REST APIs allowing Splunk to query and pull relevant security events and telemetry directly.
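As an added illustration of the syslog-based path (this is example code written for this page, not ESET's or Splunk's own integration code), the block below parses a constructed RFC 5424 syslog line carrying a JSON-formatted detection event and turns it into a payload for Splunk's HTTP Event Collector (HEC). The `/services/collector/event` endpoint and the `Authorization: Splunk <token>` header are standard Splunk HEC conventions; the JSON message format and the field names inside it (`event_type`, `hostname`, `threat_name`, and so on) are assumptions for the sake of the example, not ESET PROTECT's documented schema. Nothing is sent over the network; the request is only built so it can be inspected.

```python
import json
import re
from datetime import datetime

# Constructed sample: an RFC 5424 syslog line whose message part carries a
# JSON-formatted detection event. The JSON field names are an assumption for
# this example, not ESET PROTECT's documented export schema.
SAMPLE_SYSLOG_LINE = (
    '<14>1 2025-04-28T10:15:30.000Z eset-protect-01 ESET-PROTECT - - - '
    '{"event_type":"Threat_Event","hostname":"WS-0042","ipv4":"10.0.1.42",'
    '"threat_name":"Eicar test file","severity":"Warning",'
    '"action_taken":"cleaned by deleting"}'
)

# PRI VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID STRUCTURED-DATA MSG
SYSLOG_5424 = re.compile(
    r'^<(?P<pri>\d{1,3})>(?P<version>\d) (?P<ts>\S+) (?P<host>\S+) '
    r'(?P<app>\S+) (?P<procid>\S+) (?P<msgid>\S+) (?P<sd>-|\[.*?\]) ?(?P<msg>.*)$'
)


def parse_syslog(line):
    """Split an RFC 5424 line into header fields plus a decoded event body.

    PRI encodes facility*8 + severity. If the message is not JSON (for example
    a plain-text export format), keep it verbatim under "raw" rather than drop it.
    """
    m = SYSLOG_5424.match(line)
    if not m:
        raise ValueError("not an RFC 5424 syslog line")
    pri = int(m.group("pri"))
    rec = {
        "facility": pri // 8,
        "severity": pri % 8,
        "timestamp": m.group("ts"),
        "host": m.group("host"),
        "app": m.group("app"),
    }
    msg = m.group("msg")
    try:
        rec["event"] = json.loads(msg)
    except json.JSONDecodeError:
        rec["event"] = {"raw": msg}
    return rec


def to_hec_event(rec, index="eset", sourcetype="eset:protect:json"):
    """Shape a parsed record as one Splunk HEC event (time as epoch seconds).

    The index and sourcetype names are placeholders chosen for this example.
    """
    ts = datetime.strptime(rec["timestamp"].replace("Z", "+00:00"),
                           "%Y-%m-%dT%H:%M:%S.%f%z")
    return {
        "time": ts.timestamp(),
        "host": rec["host"],
        "source": rec["app"],
        "sourcetype": sourcetype,
        "index": index,
        "event": rec["event"],
    }


def hec_request(hec_base_url, token, events):
    """Build URL, headers and newline-delimited body for a HEC batch; does not send."""
    url = hec_base_url.rstrip("/") + "/services/collector/event"
    headers = {"Authorization": "Splunk " + token,
               "Content-Type": "application/json"}
    body = "\n".join(json.dumps(e) for e in events)
    return url, headers, body


if __name__ == "__main__":
    record = parse_syslog(SAMPLE_SYSLOG_LINE)
    url, headers, body = hec_request("https://splunk.example.invalid:8088",
                                     "00000000-0000-0000-0000-000000000000",
                                     [to_hec_event(record)])
    print(url)
    print(body)
```

In a real deployment the syslog receiver would be a Splunk forwarder or a syslog daemon feeding HEC, and the token would come from a secret store rather than the command line; the point here is the field mapping, in particular that the timestamp is converted to epoch seconds so Splunk indexes the event at the time ESET emitted it rather than the time it arrived.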
Thanks to our varied data sharing methods, we can cater to diverse client architectures, leaving no one behind when it comes to their security needs or wants. Businesses of any size can benefit here, achieving a prevention-first security posture with a streamlined approach to threat response.
“At ESET, we are committed to improving our customers’ experience. This integration can augment their existing security toolset, supplying ESET threat data with network and user activity logs, enabling faster threat detection without the need to hop between multiple consoles,” said Pavol Šalátek, Director of Global Business Partnerships and Alliances at ESET. “This is also a boon for MSPs, which can integrate ESET data into their existing Splunk environments, offering advanced detection and response services for their diverse clientele,” he added.
Security analysts, incident responders and IT admins will find that the award-winning ESET PROTECT Platform, with its low performance impact and deep insight into devices, can enhance any existing setup, reducing risk and satisfying both business leadership and regulatory compliance.
Learn more about the way we approach integrations on our dedicated ESET integrations webpage.
Discover more about the ESET PROTECT Platform’s comprehensive power.
Find out how Splunk enhances threat response.
About ESET
ESET develops software solutions that deliver instant, comprehensive protection against evolving computer security threats. ESET pioneered and continues to lead the industry in proactive threat detection. ESET NOD32 Antivirus, its flagship product, consistently achieves the highest accolades in all types of comparative testing and is the foundational product that builds out the ESET product line to include ESET Smart Security. ESET Smart Security is an integrated antivirus, antispyware, antispam and personal firewall solution that combines accuracy, speed and an extremely small system footprint to create the most effective security solution in the industry. Both products have an extremely efficient code base that eliminates the unnecessary large size found in some solutions. This means faster scanning that doesn’t slow down computers or networks. Sold in more than 160 countries, ESET has worldwide production headquarters in Bratislava, SK and worldwide distribution headquarters in San Diego, U.S. ESET also has offices in Bristol, U.K.; Buenos Aires, AR; Prague, CZ; and is globally represented by an extensive partner network. For more information, visit our local office at https://eset.version-2.sg.
About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The Company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which includes Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities. For more information, please visit https://www.version-2.com.sg/ or call (65) 6296-4268.