Countdown to AWS re:Invent – Security Requires Visibility

Learn all about Splunk at AWS re:Invent 2016.

I first heard the phrase ‘Security Requires Visibility’ during the Introduction to AWS Security session at the 2015 AWS SF Summit.  I must say, it immediately resonated.

Over the past 3 years at Splunk, I’ve spoken with customers such as Adobe, Autodesk, FamilySearch, FINRA and more about how they leverage Splunk visibility to help ensure security and compliance on AWS.  The reason is simple and was best said by AWS themselves – ‘Security Requires Visibility’.

Given this simple axiom, I’m thrilled that at this year’s re:Invent, Adobe will be speaking on how they use Splunk to achieve AWS Security Monitoring and Compliance Validation on AWS.  The title of …

Best Practices for using Splunk Enterprise for compliance

In September at .conf2016, the Splunk worldwide users conference, I co-presented a session titled “How to Use Splunk for Automated Regulatory Compliance.” It included a discussion of regulatory compliance and standard/framework 101 and how Splunk could be used for compliance, including some case studies and product demos of the Splunk App for PCI Compliance, the CIS Critical Security Controls App for Splunk, Splunk Enterprise Security, and Splunk User Behavior Analytics.

For the technical ninjas attending the session, the most interesting part was probably the closing section covering best practices related to using Splunk Enterprise for compliance, which is the focus of this blog post. I have listed these best practices below in …

Meet the 2016 Splunk Revolution Award Winners!

While .conf2016 is officially a wrap, we continue to celebrate this year’s Revolution Award winners!

The sixth annual Splunk Revolution Award ceremony crowd was our biggest ever. Splunk CEO Doug Merritt announced the winners to a global audience of Splunk customers, partners and Splunkers; many of us had just arrived at .conf2016 with three full days of sessions still ahead of us!

The Splunk community comradery present at the ceremony was the perfect way to begin the best .conf ever!

Doug Merritt, Splunk CEO, presented the 2016 Splunk Revolution Awards at .conf2016 at Disney World in Orlando, Florida.

“Each year, the Revolution Awards celebrate and recognize passionate customers that have shared their exemplary breakthrough stories of innovation using Splunk inside …

Reimagining IT at .conf2016

Last month, during the IT Ops Keynote at Splunk .conf2016, Splunk’s Chief Technology Advocate Andi Mann talked about the massive impact and opportunity created by digital transformation. Every industry, every business and every organization is experiencing the effects of digitization and dealing with an astounding rate of change. Whether it’s software-defined-everything, containerization, microservices or the world of the Internet of Things (IoT), digital transformation is everywhere. This newest evolution of IT is disrupting market leaders and upending entire industries – pushing every business to be a technology business. Digital transformation is also changing the technology we use as well as the way our teams connect, work and solve problems.

Buttercup Games – Level 2: Buttercup Go data

Buttercup Go is thriving: 4,234 people have played the game and lots of data is being generated. In this post I’ll walk through some of the data we are generating.

The data includes web, OS, load balancer, network, firewall, other AWS data, etc. There are a few other data sources I want to point out specifically.

Authentication Data

We wanted to allow users to play right away, without the need to sign up. Auth0 was a perfect choice. It was quite easy to use and gave us everything we needed. Not only did it allow many authentication options (think Google, Facebook, Twitter, LinkedIn, etc.) but Auth0 also generated great data and could send it directly into Splunk. Here was the breakdown of how people …

Buttercup Games – Level 1: The Premise

If you saw the .conf2016 keynote you might be wondering “What is Buttercup Games? Is it for real?” Well, yes and no. It’s not a real company, but it is a real game.

So why Buttercup Games? Years ago a few Splunkers decided to build some training material around a fictitious company and make it fun. They chose to take our mascot (Buttercup) and something fun (games) and combine them. Buttercup Games was born. Logos were designed, data was generated, classes were created. Maybe you’ve even taken one – if you haven’t you should. Especially if you attended .conf this year and got $5,000 in education credit for free.

A couple of weeks ago some Splunk employees …

Adaptive Response: Beyond Analytics-Driven Security

Now that .conf2016 is in full swing, I’m excited to discuss one of my favorite topics – the Splunk-led Adaptive Response Initiative, which we first announced at the RSA Conference earlier this year. We made a big splash with a strong group of 8 founding participants representing key security technologies like Network Firewall, Endpoint Detection and Response, Privileged User Management, Threat Intelligence, and Incident Response. We are thrilled by the support from Splunk customers and strategic partners as we continue to enable organizations to operate multi-vendor adaptive security architectures and bring life to our vision for a security nerve center.

So here we are in Orlando, and I’m happy to share our latest Adaptive Response milestones:

  1. We have extended Adaptive Response controls into Splunk Enterprise Security 4.5 (ES)
  2. Vendor
The Fabric That’s Powering Your Digital Transformation

It’s finally here! Splunk .conf2016. This is the most exciting week on the Splunk calendar. An opportunity for us to hear all the great things our customers and partners are up to. We’re always amazed to see the endless spigot of new and creative uses for Splunk. Listening and learning from our customers and partners gets every Splunker fired-up and inspired. And of course, this week gives us a chance to download the latest innovations we’ve been hard at work on as well.

Flying to Orlando gave me a little time for reflection. It amazes me how much has changed in less than a decade. I took an Uber instead of a taxi to the airport, used a mobile …

Introducing Splunk Enterprise 6.5 – Machine Learning and Simplified Data Analysis Open New Vistas

Want to put the power of machine learning (ML) to work to help optimize IT, security or biz ops? Wish it were easier for more users in your org to use Splunk for data analysis? Or maybe you’d be interested in improving power user productivity, automating management functions, or lowering storage TCO? Splunk Enterprise 6.5 has something for everyone.

Machine Learning Meets Machine Data

The latest release of the Splunk platform lets you put machine learning to work to tackle any use case that matters to your organization.

Splunk Enterprise has long offered a strong array of ML commands like anomalydetection, outlier, predict and cluster that use fixed algorithms to do their work – no ML expertise required. Today, …

Use Analytics-Driven Decision Making and Automation to Improve Threat Detection and Operational Efficiency

Today, we announced major advancements to our security analytics portfolio with a new version of Splunk Enterprise Security 4.5 (ES), which introduces significant innovations to Splunk ES.

Enterprise Security (ES) 4.5 includes Adaptive Response, which helps extend security architecture beyond legacy preventative technologies, and events-based monitoring to use connected intelligence for security operations to gain full visibility and responsiveness across the entire security ecosystem. The new release introduces Glass Tables, which expands the visual analytics capabilities of Splunk ES.

Meeting the growing needs of CISOs adopting automation and orchestration

Many Splunk security customers already use automation to eliminate routine tasks in order to accelerate detection and streamline their response times. A recent survey conducted by 451 Research reveals that 57% …
