Let’s Get Critical: The Capabilities You Need for an Analytics-Driven SIEM
In the Gartner 2016 Critical Capabilities for Security Information and Event Management (SIEM) report, Splunk scored the highest in all three use cases*: Basic Security Monitoring, Advanced Threat Detection, and Forensics and Incident Response.
In this report, each capability is then weighted in terms of its relative importance for specific product/service use cases.
SIEM technologies provide a set of common core capabilities that are needed for all basic security monitoring use cases. Other SIEM capabilities are more critical for the advanced threat detection or incident response and management use cases.
The eight critical capabilities used in the 2016 report to determine scores …
Creating McAfee ePO Alert and ARF Actions with Add-On Builder
One of the best things about Splunk is the passionate user community. As a group, the community writes amazing Splunk searches, crafts beautiful dashboards, answers thousands of questions, and shares apps and add-ons with the world.
Building high quality add-ons is perhaps one of the more daunting ways to contribute. Since the recently-updated Splunk Add-On Builder 2.0 was released, however, it’s never been easier to build, test, validate and package add-ons for sharing on SplunkBase.
Technical Add-Ons, aka TAs, are specialized Splunk apps that make it easy for Splunk to ingest data, extract and calculate field values, and normalize field names against the Common Information Model (CIM). Since the release of version 6.3, Splunk Enterprise also supports TAs for …
Splunk Named a Leader in Gartner SIEM Magic Quadrant for the Fourth Straight Year
Gartner has published the 2016 Magic Quadrant for Security Information and Event Management and Splunk was named a leader for the fourth straight year.
In the report, Gartner placed Splunk in the Leaders quadrant and positioned Splunk furthest overall for completeness of vision.
Our security portfolio, including Splunk® Enterprise and Splunk Enterprise Security, solves basic, advanced and emerging SIEM use cases to dramatically accelerate the detection and investigation of advanced threats and attacks, and to rapidly respond to and remediate them, by providing security intelligence from all security-relevant data that is collected across IT, the business, and the cloud.
A growing number of organizations are using Splunk Enterprise Security to augment, replace and go beyond their legacy SIEM deployments.…
SIEM success patterns – How to get it right!
One of the things I love about machine data is that it can be used in so many ways. Interestingly enough, over the years I have observed a common pattern in organizations that have been successful with SIEM. The implementation of a cyber defence center should serve to increase security maturity, strengthen cyber security skills and security intelligence, enabling organisations to successfully stop complex attacks (not just malware!) and better protect customer data and the overall business. Yet in the past I have been called in to meet with prospects regarding failed SIEM deployments, and it doesn’t matter which traditional vendor it is: there are always similar patterns.
What are the patterns of a failed SIEM deployment?
2016 Scalar Security Study – The Cybersecurity Readiness of Canadian Organizations
This is a guest post contributed by Aoife Mc Monagle, Director, Marketing & Communications at Scalar Decisions
As Canada’s #1 IT security company, Scalar spends a lot of time advising clients on how to manage cybersecurity risk. We also spend time researching the market to better understand the needs of Canadian clients and how they are dealing with cybersecurity today. In February 2016, we published our second annual security study: The Cyber Security Readiness of Canadian Organizations.
Our objective was to examine changes in the cyber threat landscape, and what strategies, tactics, and technologies respondents were finding most useful in combatting these threats.
The findings showed that the landscape was generally getting worse year-over-year: more attacks, more breaches, …
The 4-minute mile challenge and securely moving to the Cloud
As a runner, I am always fascinated by Dr. Roger Bannister’s achievement of shattering the 4-minute barrier to run a mile. Even though I was not around to witness this landmark feat, the 4-minute barrier holds a special significance.
Splunk is excited to share with you a new interactive, sub 4-minute video, in which Splunk’s Senior Vice President of Security Markets, Haiyan Song, takes you on a journey to discover how cloud-based SIEM services can cut costs, help security teams reduce remediation cycle times, and demonstrate regulatory compliance, without the hassle of setting up and managing complex hardware.
Within this interactive video, you can access additional customer videos, peruse white papers, listen to a webinar and much more!
Get ready for Infosecurity Europe 2016!
It’s time to get ready for the 21st edition of Infosecurity Europe 2016, taking place between the 7th – 9th June at Olympia in London. Infosecurity is Europe’s number one information security event, featuring the largest and most comprehensive education program available, with over 315 exhibitors showcasing the most diverse range of products and services to over 12,000 visitors.
Splunk will be onsite in force at Infosecurity – with several speaking sessions as well as an interactive workshop focused on cloud security. Make sure you prepare early to avoid missing some of our great content at the show! Register today for free entrance (save £35).
Splunk Booth Stand C20 + Theater Presentations
First of all – visit the Splunk stand to get your …
Webinar recap: Learn How Equinix Uses Splunk as a Cloud-Based SIEM
Customer led webinars are always an eye opener and the recent Splunk webinar “Learn How Equinix Uses Splunk as a Cloud-Based SIEM” on March 31, 2016, was no exception.
George Do, CISO @ Equinix, discussed Equinix’s InfoSec drivers, Equinix’s vision for “SIEM in the Cloud” and provided detailed information on how Equinix is using Splunk Cloud and Splunk Enterprise Security to solve a wide range of security use cases and its value to Equinix.
The webinar was attended by Splunk customers as well as non-customers. 98% of the poll respondents used a SIEM, reflecting the widespread adoption of SIEM. 63% of the customers supported 10 SaaS applications and more than 32% of the customers supported 50 …
Webinar: Learn How Equinix Uses Splunk as a Cloud-Based SIEM
We understand enterprise security teams have to deal with various challenges around threat detection, threat response and threat mitigation. A few years back, security solutions that merely reported and monitored security logs and events were considered good enough. But with the complex and changing threat landscape, the above legacy approaches lack the breadth and depth required to provide a comprehensive security solution. In addition to this, you also need broader insights from all data sources generated at scale across on-prem and hybrid environments.
Our cloud-based SIEM solution helps you to overcome the above challenges and realize value right out of the box with the help of pre-built dashboards, reports, incident response workflows, analytics, correlation searches and security indicators that simplify …
The Value of Hybrid Highlighted as Splunk is Honored by SC Magazine Awards
Every organization has a cloud strategy. It’s a journey, but the destination is clear. And, it’s my experience that regardless of what mile marker organizations have just passed on the road to cloud, they’re likely operating a hybrid environment. This means they are running solutions both on-premises and in the cloud. To support this strategy, we offer hybrid delivery options – supporting both on-premises and cloud solutions – one of the differentiated values we provide our Splunk customers.
And today, I’m excited to share that our differentiated value just got a big boost as Splunk Enterprise won a Trust award for “Best Fraud Prevention Solution” and Splunk Enterprise Security won a Trust award for “Best SIEM Solution” from SC …