Splunk Enterprise Security as SIEM, ingesting logs from: CrowdStrike, Palo Alto firewalls, Zscaler, Azure AD, AWS CloudTrail, Proofpoint, CyberArk, and application logs. - CrowdStrike Falcon for endpoint detection and response. - Recorded Future for threat intelligence feeds integrated into Splunk.