Splunk Named a Leader in Gartner SIEM Magic Quadrant for the Third Straight Year

The Splunk security portfolio, including Splunk® Enterprise and the Splunk App for Enterprise Security, solves Security Information and Event Management (SIEM) requirements to dramatically improve the detection, response and recovery from advanced threats by providing broad security intelligence from data that is collected across IT, the business, and the cloud. Based on the need to protect against advanced threats, a growing number of organizations are using Splunk security analytics to augment, replace and go beyond their legacy SIEM deployments.

gartner-2015-blog-img-470x246

This week, Gartner published the 2015 version of its annual Magic Quadrant for Security Information and Event Management. In the report, Splunk was named a leader for the third straight year.

The results of the 2015 Gartner SIEM Magic …

» Continue reading

Tutorial: Let others work for you – Give them their data!

Recently I had a great discussion with some folks from the communbeach_chiar_pc_800_clr_3539ity –  they told me that in most cases the Splunkers within an organization are the ones with the best visibility and inform other departments about issues/problems/breaches. As a result their peers in the organizations want to have the same information advantage and visibility. However, often they are just interested in their own systems and services, not from others within a large organization.

What’s the easiest and fastest approach to give them the visibility they want?

The Answer: Lookups and drop down menus

Based on the Qualys App for Splunk Enterprise I’ll explain to you how you can modify an existing dashboard that shows all vulnerabilities and how to, for …

» Continue reading

SplunkLive! SF 2015: A Recap

Screen Shot 2015-03-23 at 12.56.28 PMWe had a record breaking day in the bay at our 8th annual SplunkLive! San Francisco with over 900 attendees! This all new track style format – offering 16 different sessions in a single day – provided valuable content for Splunk newbies and seasoned Splunk customer champions alike.
 
Highlights included:

  • Godfrey Sullivan, Splunk Chairman and CEO, was joined on stage by Haiyan Song, SVP of Security Markets, and Snehal Antani, Splunk CTO. Haiyan covered the recent Caspida acquisition and the addition of data science-driven Behavioral Analytics to the industry’s most powerful analytics-enabled SIEM solution. Snehal Antani rounded out the keynote by discussing the evolution of IT; transitioning from a back office function, to a core part of the value
» Continue reading

Splunk wins “Big Data Innovation” at Computing’s Vendor Excellence Awards

ExcellenceIt is always nice to end a working week on a high and last Friday gave the Splunk EMEA team a great start to the weekend. We were nominated and won Computing’s Vendor Excellence Award for “Big Data Innovation”. The judges commented specifically on Splunk’s ability to democratize big data so that everyone can use it.

 

It was a nice way to spend a Friday afternoon and there was a lot of nervous anticipation over lunch as to who was going to win the various awards.

Awards22

The ceremony started with something I’d never seen before. The pre-award entertainment was 25 year old rapper comedian, Chris Turner (@ChrisPJTurner). Dressed in a very dapper suit he explained how he was going …

» Continue reading

Back from FiRST Berlin, discover CIRCL Passive SSL

Hello Security Ninjas,

recently Splunk took part in the FIRST 2015 conference, a conference dedicated to CERTs, Incident Responders and Security Teams. Many of the attendees shared with us that they are using Splunk regularly for security use cases and this is great to hear!

One of the notable presentations was from Alexandre Dulaunoy from the CIRCL (Computer Incident Response Center Luxembourg) and Eireann Leverett from the Cambridge Centre for Risk Studies.

Security analysts across the world are nowadays familiar with the Passive DNS technique that allows DNS information to be collected passively, just by listening to DNS requests in and out of a network. The idea Alexandre and Eireann came up with was to apply similar techniques to SSL/TLS certificates so …

» Continue reading

Meet the Splunkterns: Anne-Marie Chun

CJlc7DXUYAAKzOIWelcome back to our Meet the Splunkterns series! To recap some of the fun we have been having, last Friday the Splunkterns got to spend a little more time getting to know one another during our day of community service. We started the day learning more about Splunk4Good and and the organization Meals on Wheels, which we had the opportunity to partner with for the day. After we had our orientation and signed away our lives (just kidding!) we headed out to 6th and Mission. We spent half of the day handing out around 200 Emergency Food Kits to home-bound seniors and talking to them about emergency preparedness. I thought it was awesome spending time helping some of the residents …

» Continue reading

Smart AnSwerS #29

Hey there community, and welcome to the 29th installment of Smart AnSwerS.

SplunkLive! is currently in session in San Francisco, CA where current and potential customers get to hear from Splunkers and other fellow customers on how various Splunk products are used to gain valuable insight from their machine data. It’s a great space to learn what Splunk can bring to your organization through the many use cases that have been applied successfully, and also network with other users to share knowledge and discover new possibilities. If you missed out on attending SplunkLive! today, you can always stay tuned to our Upcoming Splunk events and webinars to see if there are opportunities near you.

Check out this week’s …

» Continue reading

Masters Of Machines 2015 Part 4: Meeting the increasing security threat head-on with Operational Intelligence

Matrix FightIn the fourth and final part of this blog series to accompany the “Masters of Machines II” research from Splunk and industry analyst Quocirca, we discuss the rising security threats faced by organisations today and how Operational Intelligence has a key part to play in defending yourself.

 

 

 

 

If you want to catch up with previous posts:

Part 1 – Discusses the high level findings from the research

Part 2 – The increase in IT complexity and managing it with OI

Part 3 – How to improve customer experience by harnessing machine data

 

The fastest growing IT management concern from 2013 to 2015 was increased security threats through the compromise of IT systems.

Report-Fig-09

The …

» Continue reading

Small IT, Big Problems: Discovering the Unknown with Log Data

Shay_New
The following excerpt is from a contributed blog post to InfoWorld:
Small IT, Big Problems: Discovering the Unknown with Log Data

For your IT team to successfully leverage log data, you first need to find a way to manage it.

Collect and centralize
Aggregating log data in one place—as it’s generated from apps, infrastructure, and distributed environments—is essential to getting an end-to-end view of IT. Having to search through individual silos of data and manually make correlations can be time consuming, especially when a key service is down. For example, sending all syslog and Windows events to a single place means you can break away from having to rely on multiple point tools to resolve an issue. Automating the collection …

» Continue reading

Enabling JMX in WebSphere Application Server

Using Splunk to collect data from disparate sources is remarkably easy; but sometimes, making those sources emit data can take a bit more effort. Here’s some quick notes on making IBM WebSphere Application Server speak Java Management Extensions so that the Splunk Add-on for Java Management Extensions and Splunk Add-on for IBM WebSphere Application Server can be used to gather data. This isn’t comprehensive documentation for all possible scenarios, but rather some notes that we gathered in the development process.

Of course, the first step is to log on to the WebSphere Admin Console. Use the menu on the left to navigate to Servers -> Server Types -> WebSphere Application Servers. Click on the Application Server instance that you want to configure …

» Continue reading