How Splunk Can Help You Prevent Ransomware From Holding Your Business Hostage

A group of hackers recently cost Madison County, Indiana, $200,000, and another group demanded $73,000 from the San Francisco Municipal Transport Agency (SFMTA) over the Thanksgiving holiday to decrypt frozen data. What was the common factor connecting the two attacks? A popular form of malware known as ransomware.

Why You Should Care About Ransomware

Ransomware is often used to extort funds directly from victims. Ransomware literally takes systems hostage, requiring a “ransom” to free those systems back to a usable state. This can be a very lucrative business for cyber criminals.

Ransomware, like other malware, gets into your network via bad actors who figure out a way to deliver it into your environment without “sounding an alarm” – for example, …


SC16 Conference: Home of the World’s Fastest Network

You don’t think of High Performance Computing (HPC) every day, but its use in a diverse set of applications such as climate prediction, nuclear labs, oil and gas discovery, defense and aerospace work, financial forecasting and other computationally intensive activities touches us in our daily lives. And from November 13 – 18, 2016, Salt Lake City became the home for HPC enthusiasts at the SC16 conference.

What makes this conference different than any other? It happens to be the home for the world’s fastest network, SCinet. It is a high-performance, experimental network that is built specifically for the conference and connects it to the broader internet. To give you a sense of its capacity, it provides more than 5 Tbps(!) of internal …


Stop Security Threats With Real-Time Data Monitoring

Imagine having a vast library of books but not being able to see what words live on the page that you are reading or want to read. That would be like being able to ingest security relevant data from a diverse array of data sources but not being able to use that information to monitor your security posture in near real time.

Library of Congress


Real-time data monitoring is essential to secure an enterprise because it gives security practitioners the ability to monitor and manage the consumption and use of machine data across complex IT and security systems with visual insights into that data. The data can come from sources ranging from web logs and application usage to digital transactions. Why …


Make Security Incidents Less Scary By Organizing Your Response

The Federal Emergency Management Agency (FEMA) created the National Response Framework in 2008 to organize how the national government responds to natural disasters, terrorist attacks and other catastrophic events. Unfortunately, government resources alone can’t properly respond to disasters. That’s why the framework exists. It helps organize FEMA’s limited resources to respond to threats in the most efficient manner possible.

The six-step planning process from FEMA’s National Response Framework


Similarly, incident response is an organized approach to addressing and managing the aftermath of a security breach or attack. The goal is to best organize alerts and resources within a security information and event management (SIEM) system to handle the situation in a way that limits damage and reduces recovery time and …


Three Ways Machine Data Makes Your SIEM Better at Security

“All data is security relevant” is a mantra that security practitioners should get used to saying. But knowing what sources you need to tap into to improve your security posture can seem like a daunting task. It doesn’t need to be.

Data sources are a way companies solve the security issues causing them pain or issues that may cause harm. So what exactly is a data source? It can be almost anything from the machine data being generated by your existing firewall to online web logs. Just what data sources you tap into depends on your security use case.

There are already companies that have found unique ways to leverage machine data to work for their specific needs – whether …


Splunk User Behavior Analytics snags CRN’s 2016 Products of The Year Finalist Ranking

I’m pleased to share Splunk was named to …


SF Muni Hacked. Learn How to Detect Ransomware in Your Environment

Join security expert James Brodsky for our How-to Webinar: Detection of Ransomware and Prevention Strategies on December 13.

SF Muni was hit with a ransomware attack last week, just as the prime holiday shopping season was kicking off. For many, the free fares for the weekend while Muni assessed the damage probably seemed like a holiday gift or customer service bonus.

But the lost revenues and potential $73K ransom they were asked to pay were no bonus for the IT and security teams.

News of ransomware attacks is becoming much more common these days, with a reported $209M paid to ransomware criminals in Q1 2016 and the FBI anticipating ransomware to be a $1B source of income for cybercriminals this year.

Ransomware attacks are on the rise.



Double whammy for Splunk at the Computing Security Excellence Awards 2016!

Hello all,

Yesterday we had the honour of participating in the Security Excellence Awards from Computing.co.uk.

Computing is the leading information resource for UK technology decision makers, providing the latest market news and hard-hitting opinions.

Following the Enterprise Security and Risk and Management Summit held at the Hilton Tower Bridge, the award ceremony revealed the industry’s leading companies, solutions, products and personalities.

Splunk was nominated in two categories – and was successful in both.

We won the award for Best SIEM for our Splunk Enterprise Security Solution as well as taking home the prize for Security Vendor of the Year.


What a great testament to the success customers achieve with our Enterprise Machine Data Fabric. We are always …


Introducing the Security Investigation Guided Online Experience

Are you looking to get started with Splunk for security? Or perhaps looking for how-to guides to help your Tier 1 analysts investigate security alerts?

Lots of our customers are, so we’re here to help.

Introducing the first in a series of guided online experiences that allow you to detect, validate and scope potential threats using Splunk.


Step-by-step guide accompanying the Security Investigation online experience.

Each experience in this series will include a video walkthrough, a step-by-step guide and an online Splunk instance, pre-loaded with data so you can jump right in and learn how to address security issues with Splunk. No download required. No login required. No need to add data. Just get in there and …


Recap: Splunk @ Blackhat Europe 2016

Hello Splunk Ninjas!

In early November the Splunk team attended Blackhat Europe at the Business Design Centre in London. The European hacking and penetration testing community came together to meet, exchange, collaborate and share details on what the latest hacks and vulnerabilities are. It was also an opportunity to showcase potential risks and to discuss how to improve security for organizations and consumers.

Splunk’s schedule was full during the briefing days. In our booth we shared the latest technology about big data analytics in security, machine learning, threat intelligence gathering and how security teams should prepare for the future with automation.

THREAT HUNTING PRESENTATION, BUSINESS HALL

James Hanlon, Security Markets Specialist, presented in the Business Hall about how …
