Countdown to AWS re:Invent – Security Requires Visibility
Learn all about Splunk at AWS re:Invent 2016.
I first heard the phrase ‘Security Requires Visibility’ during the Introduction to AWS Security session at the 2015 AWS SF Summit. I must say, it immediately resonated.
Over the past 3 years at Splunk, I’ve spoken with customers such as Adobe, Autodesk, FamilySearch, FINRA and more about how they leverage Splunk visibility to help ensure security and compliance on AWS. The reason is simple and was best said by AWS themselves – ‘Security Requires Visibility’.
Given this simple axiom, I’m thrilled that at this year’s re:Invent, Adobe will be speaking on how they use Splunk to achieve AWS Security Monitoring and Compliance Validation on AWS. The title of …
Can you SPL?
A couple of weeks ago at .conf2016 we conducted our 2nd annual SPL’ing Bee and it was just as exciting as the year before. We had over 30 contestants, close to 100 spectators and a whole new set of challenging questions.
Here is a little background on how the SPL’ing Bee works.
During the SPL’ing Bee, contestants compete by using SPL to answer questions about a specific data set. To do this, contestants download and install the “Add-on for SPLBee App” on Splunkbase. This app allows each contestant to write an SPL query on a specific data set and submit their results to a master judging instance using a macro and a Splunk custom command called sendjobmeta created by …
Reimagining IT at .conf2016
Last month, during the IT Ops Keynote at Splunk .conf2016, Splunk’s Chief Technology Advocate Andi Mann talked about the massive impact and opportunity created by digital transformation. Every industry, every business and every organization is experiencing the effects of digitization and dealing with an astounding rate of change. Whether it’s software-defined-everything, containerization, microservices or the world of the Internet of Things (IoT), digital transformation is everywhere. This newest evolution of IT is disrupting market leaders and upending entire industries – pushing every business to be a technology business. Digital transformation is also changing the technology we use as well as the way our teams connect, work and solve problems.
“New approaches to IT bring people, activities &
Buttercup Games – Level 3: The One-Millionth Flap
On the final day of .conf2016 some of us were having dinner and I noticed the number of total flaps was approaching 1 million. That means people tapped their screen nearly 1 million total times to make Buttercup fly! So of course I needed to open a real-time search and watch it click over.
This made me wonder: who was the person who actually touched their screen for the 1 millionth time? The answer is always just a search away in Splunk.
Congratulations to Mike Ruszkowski, I hope bells rang and confetti rained! I know my co-worker Matt Oliver (at the top of the table above) was gunning for that 1 millionth flap.
Beyond the millionth flap there have been some other impressive statistics. I’m …
Splunk Pledge and Education
This September marks my fifth year at Splunk. Since day one on the job, I have spent a great deal of my waking time thinking about how to scale up educating folks on Splunk, in particular for universities and other educational entities. There is a bit of chicken-and-egg to this dilemma, as most teachers and students don’t see the value of Splunk until they have had some exposure to it.
Over the past five years, we have built programs around licensing and training on Splunk that give not-for-profit educational entities a way to learn, use, and teach Splunk without spending anything but time. We have had some success, but the efforts did not really scale up until we …
Buttercup Games – Level 2: Buttercup Go data
Buttercup Go is thriving: 4,234 people have played the game and lots of data is being generated. In this post I’ll walk through some of the data we are generating.
The data includes web, OS, load balancer, network, firewall, other AWS data, etc. There are a few other data sources I want to point out specifically.
We wanted to allow users to play right away, without the need to sign up. Auth0 was a perfect choice. It was quite easy to use and gave us everything we needed. Not only did it allow many authentication options (think Google, Facebook, Twitter, LinkedIn, etc.) but Auth0 also generated great data and could send directly into Splunk. Here was the breakdown of how people …
Adaptive Response: Beyond Analytics-Driven Security
Now that .conf2016 is in full swing, I’m excited to discuss one of my favorite topics – the Splunk-led Adaptive Response Initiative, which we first announced at the RSA Conference earlier this year. We made a big splash with a strong group of 8 founding participants representing key security technologies like Network Firewall, Endpoint Detection and Response, Privileged User Management, Threat Intelligence, and Incident Response. We are thrilled by the support from Splunk customers and strategic partners as we continue to enable organizations to operate multi-vendor adaptive security architectures and bring life to our vision for a security nerve center.
So here we are in Orlando, and I’m happy to share our latest Adaptive Response milestones:
- We have extended Adaptive Response controls into Splunk Enterprise Security 4.5 (ES)
Introducing Splunk Enterprise 6.5 – Machine Learning and Simplified Data Analysis Open New Vistas
Want to put the power of machine learning (ML) to work to help optimize IT, security or biz ops? Wish it were easier for more users in your org to use Splunk for data analysis? Or maybe you’d be interested in improving power user productivity, automating management functions, or lowering storage TCO? Splunk Enterprise 6.5 has something for everyone.
Machine Learning Meets Machine Data
The latest release of the Splunk platform lets you put machine learning to work to tackle any use case that matters to your organization.
Splunk Enterprise has long offered a strong array of ML commands like anomalydetection, outlier, predict and cluster that use fixed algorithms to do their work – no ML expertise required. Today, …
What’s new in Splunk IT Service Intelligence
This time last year, at .conf2015, we introduced Splunk IT Service Intelligence (ITSI) to the world and it’s been a fantastic first year – customers all over the world have chosen ITSI to transform service monitoring and IT operations through machine data-driven analytics.
On Tuesday morning at .conf2016, we had the opportunity to announce what’s new with ITSI. The newest release builds on where we started with ITSI, simplifying service operations with advanced event analytics and delivering business and service context to help prioritize incident investigation. As promised, we continue to innovate with machine learning to reduce the complexity in rules and threshold management with real-time correlations, predefined semantics and base-lining behavior operational patterns. Let’s dig into the new …
Use Analytics-Driven Decision Making and Automation to Improve Threat Detection and Operational Efficiency
Today, we announced major advancements to our security analytics portfolio with a new version of Splunk Enterprise Security 4.5 (ES), which introduces significant innovations to Splunk ES.
Enterprise Security (ES) 4.5 includes Adaptive Response, which helps extend security architecture beyond legacy preventative technologies, and events-based monitoring to use connected intelligence for security operations to gain full visibility and responsiveness across the entire security ecosystem. The new release introduces Glass Tables, which expands the visual analytics capabilities of Splunk ES.
Meeting the growing needs of CISOs adopting automation and orchestration
Many Splunk security customers already use automation to eliminate routine tasks in order to accelerate detection and streamline their response times. A recent survey conducted by 451 Research reveals that 57% …