Countdown to AWS re:Invent – Security Requires Visibility

Learn all about Splunk at AWS re:Invent 2016.

I first heard the phrase ‘Security Requires Visibility’ during the Introduction to AWS Security session at the 2015 AWS SF Summit.  I must say, it immediately resonated.

Over the past 3 years at Splunk, I’ve spoken with customers such as Adobe, Autodesk, FamilySearch, FINRA and more about how they leverage Splunk visibility to help ensure security and compliance on AWS.  The reason is simple and was best said by AWS themselves – ‘Security Requires Visibility’.

Given this simple axiom, I’m thrilled that at this year’s re:Invent, Adobe will be speaking on how they use Splunk to achieve AWS Security Monitoring and Compliance Validation on AWS.  The title of …

Can you SPL?

A couple of weeks ago at .conf2016 we conducted our 2nd annual SPL’ing Bee and it was just as exciting as the year before.  We had over 30 contestants, close to 100 spectators and a whole new set of challenging questions.

Here is a little background on how the SPL’ing Bee works.

During the SPL’ing Bee, contestants compete by using SPL to answer questions about a specific data set.  To do this, contestants download and install the “Add-on for SPLBee App” on Splunkbase.  This app allows each contestant to write an SPL query on a specific data set and submit their results to a master judging instance using a macro and a Splunk custom command called sendjobmeta created by …

Reimagining IT at .conf2016

Last month, during the IT Ops Keynote at Splunk .conf2016, Splunk’s Chief Technology Advocate Andi Mann talked about the massive impact and opportunity created by digital transformation. Every industry, every business and every organization is experiencing the effects of digitization and dealing with an astounding rate of change. Whether it’s software-defined-everything, containerization, microservices or the world of the Internet of Things (IoT), digital transformation is everywhere. This newest evolution of IT is disrupting market leaders and upending entire industries – pushing every business to be a technology business. Digital transformation is also changing the technology we use as well as the way our teams connect, work and solve problems.

Buttercup Games – Level 3: The One-Millionth Flap

On the final day of .conf2016 some of us were having dinner and I noticed the number of total flaps was approaching 1 million. That means people tapped their screen nearly 1 million total times to make Buttercup fly! So of course I needed to open a real-time search and watch it click over.

This made me wonder: who was the person who actually touched their screen for the 1 millionth time?  The answer is always just a search away in Splunk.

Screen Shot 2016-10-03 at 10.39.08 AM

Congratulations to Mike Ruszkowski, I hope bells rang and confetti rained! I know my co-worker Matt Oliver (at the top of the table above) was gunning for that 1 millionth flap.

Beyond the millionth flap there have been some other impressive statistics. I’m …

Splunk Pledge and Education

This September marks my fifth year at Splunk.  Since day one on the job, I have spent a great deal of my waking time thinking about how to scale up educating folks on Splunk, in particular for universities and other educational entities.  There is a bit of chicken-and-egg to this dilemma, as most teachers and students don’t see the value of Splunk until they have had some exposure to it.

Over the past five years, we have built programs around licensing and training on Splunk that give not-for-profit educational entities a way to learn, use, and teach Splunk without spending anything but time.  We have had some success, but the efforts did not really scale up until we …

Buttercup Games – Level 2: Buttercup Go data

Buttercup Go is thriving: 4,234 people have played the game and lots of data is being generated. In this post I’ll walk through some of the data we are generating.

The data includes web, OS, load balancer, network, firewall, other AWS data, etc. There are a few other data sources I want to point out specifically.

Authentication Data

We wanted to allow users to play right away, without the need to sign up. Auth0 was a perfect choice. It was quite easy to use and gave us everything we needed. Not only did it allow many authentication options (think Google, Facebook, Twitter, LinkedIn, etc.) but Auth0 also generated great data and could send it directly into Splunk. Here was the breakdown of how people …

Adaptive Response: Beyond Analytics-Driven Security

Now that .conf2016 is in full swing, I’m excited to discuss one of my favorite topics – the Splunk-led Adaptive Response Initiative, which we first announced at the RSA Conference earlier this year. We made a big splash with a strong group of 8 founding participants representing key security technologies like Network Firewall, Endpoint Detection and Response, Privileged User Management, Threat Intelligence, and Incident Response. We are thrilled by the support from Splunk customers and strategic partners as we continue to enable organizations to operate multi-vendor adaptive security architectures and bring life to our vision for a security nerve center.

So here we are in Orlando, and I’m happy to share our latest Adaptive Response milestones:

  1. We have extended Adaptive Response controls into Splunk Enterprise Security 4.5 (ES)
  2. Vendor
Introducing Splunk Enterprise 6.5 – Machine Learning and Simplified Data Analysis Open New Vistas

Want to put the power of machine learning (ML) to work to help optimize IT, security or biz ops? Wish it were easier for more users in your org to use Splunk for data analysis? Or maybe you’d be interested in improving power user productivity, automating management functions, or lowering storage TCO? Splunk Enterprise 6.5 has something for everyone.

Machine Learning Meets Machine Data

The latest release of the Splunk platform lets you put machine learning to work to tackle any use case that matters to your organization.

Splunk Enterprise has long offered a strong array of ML commands like anomalydetection, outlierpredict and cluster that use fixed algorithms to do their work – no ML expertise required. Today, …

What’s new in Splunk IT Service Intelligence

This time last year, at .conf2015, we introduced Splunk IT Service Intelligence (ITSI) to the world and it’s been a fantastic first year – customers all over the world have chosen ITSI to transform service monitoring and IT operations through machine data-driven analytics.

On Tuesday morning at .conf2016, we had the opportunity to announce what’s new with ITSI. The newest release builds on where we started with ITSI, simplifying service operations with advanced event analytics and delivering business and service context to help prioritize incident investigation.  As promised, we continue to innovate with machine learning to reduce the complexity in rules and threshold management with real-time correlations, predefined semantics and base-lining behavior operational patterns. Let’s dig into the new …

Use Analytics-Driven Decision Making and Automation to Improve Threat Detection and Operational Efficiency

Today, we announced major advancements to our security analytics portfolio with a new version of Splunk Enterprise Security 4.5 (ES), which introduces significant innovations to Splunk ES.

Enterprise Security (ES) 4.5 includes Adaptive Response, which helps extend security architecture beyond legacy preventative technologies, and events-based monitoring to use connected intelligence for security operations to gain full visibility and responsiveness across the entire security ecosystem. The new release introduces Glass Tables, which expands the visual analytics capabilities of Splunk ES.

Meeting the growing needs of CISOs adopting automation and orchestration

Many Splunk security customers already use automation to eliminate routine tasks in order to accelerate detection and streamline their response times. A recent survey conducted by 451 Research reveals that 57% …
