Splunk Enterprise Security is a premium app for the Splunk platform that is used for enterprise security. Splunk Enterprise Security addresses SIEM (Security information and event management) use cases by providing insight into machine data from security sources.
The app comprises of prepackaged dashboards, correlations, and incident response workflows that allow the security teams to analyze and fast respond to their network, endpoint, access, malware, vulnerability, and identity information.
If you are looking for an online course to learn Splunk, check out this Splunk Certification program by Intellipaat.
You can watch this video on Splunk Enterprise Security:
Back