Splunk Threat Intelligence Management (Cloud) is a cloud-hosted threat intelligence data management service available for use within Splunk Enterprise Security. You can pair your on-premises deployment of Splunk Enterprise Security with a Threat Intelligence Management (Cloud) tenant.

Splunk Enterprise Security cloud deployments are automatically paired with a Threat Intelligence Management (Cloud) tenant by Splunk Cloud operations automation. Users on a cloud deployment of Splunk Enterprise Security don’t need to complete any additional steps to pair.

If you’re an admin for a Splunk Enterprise Security on-premises deployment, you must complete the following steps to pair your Threat Intelligence Management (Cloud) tenant. Only admins, or users with the manage_tim_on_cmp and list_storage_passwords capabilities, can complete the pairing process.

For compliance information, see Determining if Threat Intelligence Management (Cloud) is compliant with your organization’s standards.