Adaptive Response: A Level Deeper for Continued Customer Success

Over the past three or four years, we’ve been hearing more and more about analytics-driven security at RSA. Years ago, when Splunk first introduced the concept to the marketplace, we were living in a world where security practitioners were still focusing on prevention, rather than detection. Since then, advanced cyber adversaries have forced security analysts to change the way they think about posture. Security analysts no longer buy into the idea that there is a silver bullet for security, and vendors acknowledge that security is a team sport. With this shift in mindset comes a change in strategy, where end-to-end context and cross-vendor analytics are emphasized to better detect and respond to threats in real time. Detection is now king.…

Splunk and Cisco Umbrella: See what you’ve been missing…

The following is a guest post by Rachel Ackerly, product marketing manager, Cisco Umbrella.

Do you have eyes in the back of your head? (Unless you’re my mother, there is a good chance you don’t.) Many security products claim to provide visibility into what’s happening on your network, but how many actually deliver on that promise?

So how do you see what’s happening on the internet, beyond your perimeter? Isn’t that the question security professionals have been struggling with as the world becomes more mobile? Your employees connect to the internet from many different locations and devices. A VPN is no longer necessary to get work done; they use Software-as-a-Service (SaaS) apps. But that leaves users more vulnerable to threats, …

Adaptive Response: Beyond Analytics-Driven Security

Now that .conf2016 is in full swing, I’m excited to discuss one of my favorite topics – the Splunk-led Adaptive Response Initiative, which we first announced at the RSA Conference earlier this year. We made a big splash with a strong group of 8 founding participants representing key security technologies like Network Firewall, Endpoint Detection and Response, Privileged User Management, Threat Intelligence, and Incident Response. We are thrilled by the support from Splunk customers and strategic partners as we continue to enable organizations to operate multi-vendor adaptive security architectures and bring life to our vision for a security nerve center.

So here we are in Orlando, and I’m happy to share our latest Adaptive Response milestones:

  1. We have extended Adaptive Response controls into Splunk Enterprise Security 4.5 (ES)
  2. Vendor

Splunk Security Shines at RSA 2016

The annual RSA conference always brings an extra flurry of activity and excitement for Splunk Security, and this year was no different. In addition to meeting with hundreds of our wonderful customers and partners from around the world, it provides an opportunity to reach thousands of new security professionals and demonstrate how Splunk solutions enable organizations to optimize their security operations and improve their security posture.

Integra delivered a session discussing how they used Splunk to build a first-rate SOC to solve their big data security challenges and meet their security commitments for their customers. And in a session delivered by Splunk’s Chief Security Evangelist, Monzy Merza, attendees learned how to investigate and respond to breaches in cloud environments.…

Adaptive Response Initiative to Better Combat Advanced Attacks with a Unified Defense

As we kick off this year’s RSA conference, we are very excited to announce the Adaptive Response Initiative, which brings together the best technologies across the security industry to help organizations combat advanced attacks. Splunk is proud to be leading this initiative, with other founding participants comprised of industry leaders from several security categories: Carbon Black, CyberArk, Fortinet, Palo Alto Networks, Phantom, Tanium, ThreatConnect and Ziften. All of these companies will be demonstrating their adaptive response bi-directional integration with Splunk at RSA.

The Initiative aligns best-of-breed vendors – across different security areas – who recognize the importance of helping customers get the most out of collective security intelligence.

“Designing an Adaptive Security Architecture for Protection from Advanced Attacks,” Neil MacDonald and Peter Firstbrook, Gartner. Published 12 Feb 2014. Refreshed 28 Jan 2016.

“Designing an
