Splunk Enterprise Selected Best Fraud Prevention Solution in 2015 SC Awards
It has been an exciting week for all of us at Splunk who were fortunate enough to attend this year’s RSA Conference, focused on cybersecurity. From the wonderful Splunk stories by customers visiting our booth, to the engaging presentations from our partners and customers, RSA is always guaranteed to be a highlight on the Splunk Security calendar. (Our unique t-shirts never fail to build some buzz either!).
During the week we were also honored at the SC Magazine 2015 U.S. awards by winning the Best Fraud Prevention solution. A cross-section of SC Magazine readers selected the finalists and winners in the Reader Trust Award categories, and we are honored that this also marked the third consecutive year that …
Using Splunk for Your Vulnerability Management
The last days have been full of Microsoft ISS http.sys Vulnerability informations and notifications. So patching was at the top of the agenda for many companies and teams.
Recently Verizon also released their yearly data breach report. One of the major trends they have seen is that vulnerabilities are still not patched or isolated at systems and are one of the highest risk factors over the last 20 years.“We found that 99,9% of the exploited vulnerabilities had been compromised more than a year after the CVE was published.”
So why are still attackers so successfully with this attack method? I guess it cokes down to the fact that often there is not an established vulnerability incident handling process in place. Did you know …
Accelerate the Detection of Advanced Threats and Malicious Insiders
Cyber threats are becoming increasingly sophisticated, employing multiple attack vectors and utilizing legitimate ports to exfiltrate sensitive company information. These threats often sit undetected on infected systems for months while modifying, viewing, and stealing your data. And unfortunately, finding them is only part of the battle. To effectively remediate them can require days or weeks of investigation from the security team to trace back through the kill chain to determine the source of the infection, the path it employed, and the actions it took. Of course, this is of concern on multiple fronts; not only does the infection remain for a longer period of time, but the cost of remediation can become significant in its own right.
Similarly, malicious insiders …
The Splunk Apptitude App Contest to give out $150,000 in prizes
The RSA Conference 2015 is in full swing here in San Francisco, and Splunk is out in force. With so much news coming out of the conference, it’s easy for things to get lost in the shuffle so I wanted to let you all know the what, why, when and how about the new Splunk Apptitude App Contest that we announced this morning.
The Splunk Apptitude App Contest is an online competition designed to find the next big app using Splunk software. Whether it’s the next cutting edge visualization, or a highly technical security app – we want your big ideas. And we’ll give you more than just bragging rights, we’ll give you cash.
The Splunk Apptitude contest serves …
SAIC & Splunk as a Security Intelligence Platform
Splunk is one of the fastest growing companies in the hi-tech industry for a reason. We constantly push the boundaries on how we, and others, think about complex problems. One area that we’ve been successfully driving for a few years now is Security Intelligence. We learned early on, through the eyes of our customers, that the traditional approach to security had severe limitations. It was pure disruption and innovation to invert the thinking in this area and use the native Splunk platform to identify and ingest massive quantities and sources of unstructured and semi-structured data. This has enabled Splunk customers to index machine-generated data and query it with schema-on-the-fly, powering visualizations, dashboards, alerts and proactive remediation. This is what has …
Steps for implementing Fraud Detection
A couple of years ago, I wrote about how easy it is to detect fraud, mostly in the financial services industry, using Splunk Enterprise in a blog article. What I provided were the last steps on using the Splunk Search Processing Language to accomplish the task. However, for most people, who are new to Splunk, that doesn’t really help as it only gives you a prescription after you’ve uncovered the symptoms and, should I say, possible disease.
Today, I’d like to step back a little bit and give you the full high level steps on implementing fraud detection for your needs. This may make the previous article a little more clear.
Understand Your Use Cases
Before you do anything, …
Splunk MINT: Security & Privacy
Last year, Splunk introduced Splunk MINT, which provides real-time operational intelligence for your mobile apps. In March, we announced a major update, where Splunk MINT delivers operational intelligence directly to your instance of Splunk Enterprise. From time to time, we get asked about the security implications of delivering operational intelligence from mobile apps to your enterprise, and we wanted to answer some of your most frequently asked questions.
How do mobile apps get uniquely identified?
Customers need to sign up at Splunk MINT Management Console at https://mint.splunk.com. The customers get SDKs and API keys. The organization’s mobile developers will need to incorporate the SDKs into their mobile apps and initialize them with the API keys. The APIs …
Security is a hot topic – where better than GISEC in Dubai to get Splunking your security?
Needless to say security is a hot topic right now with the numbers, sophistication and impact of threats ever increasing. It seems like the upcoming GISEC event in Dubai is well timed. Splunk is exhibiting at the event and we’ll be showcasing how Splunk is used as a security intelligence platform by thousands of organisations worldwide. Splunk has a number of customers in the Middle East from the very large international companies to smaller ones, as well as public sector organisations.
A lot of our customers in the region are using Splunk as a security intelligence platform because they need more than a traditional SIEM can offer. In December last year we had the Head of IT Risk for …
Splunk at RSA 2015
Need to justify your trip to RSA 2015 next week? Just tell your boss that Splunk will be there, and we have some surprises in store for you! Throughout the conference, we will be running a new demo that shows you how to gain unprecedented visibility throughout your organization.
We will be unveiling the new demo, along with a special announcement and a limited edition t-shirt on Tuesday, April 21st, at 11:15am in the Splunk booth (#3321). And by “special edition”, I really mean special edition! If you’re a fan of Splunk t-shirts, you won’t want to miss this. We will only have a limited supply on hand, and we will only have them on Tuesday!
Big Data and Insider Threats: Industry Conversations
On any given day, you will hear numerous buzzwords within the government IT marketplace. Recent conversations surrounding big data, cybersecurity and insider threats are top of mind for government organizations. These discussions are imperative for exploring the challenges, needs and viable solutions that are necessary to achieve a stable security infrastructure. However, it is essential that these conversations involve both sides of the table – government agencies and technology providers.
At Splunk, we work to achieve greater Operational Intelligence through collaboration with our industry peers. Just last week we participated in an Insider Threat Detection and Mitigation conference where Adam Cohn, the director of Government Affairs & Public Policy at Splunk, discussed how agencies can manage insider threat risks in …