Find Malicious Insiders Before You Become a Headline

The media is filled with reports of Russia’s possible influence over the U.S. presidential elections. While American security agencies are investigating the Kremlin’s possible involvement in a hack of the Democratic National Committee, a U.S. Intelligence Service unclassified report suggests the Russians’ motive, at least in part, may have been retaliation for the U.S. working with a malicious insider to leak news of a Soviet Olympic athlete doping scandal.

Regardless of whether the report is true, it reveals a growing concern over insider threats for foreign governments everywhere. Countries such as Canada are heavily investing to protect their citizens against insider and foreign attacks, while the U.S. Department of Defense Inspector General found in a recent audit that the U.S. …


How Splunk Can Help You Prevent Ransomware From Holding Your Business Hostage

A group of hackers recently cost Madison County, Indiana, $200,000, and another group demanded $73,000 from the San Francisco Municipal Transport Agency (SFMTA) over the Thanksgiving holiday to decrypt frozen data. What was the common factor connecting the two attacks? A popular form of malware known as ransomware.

Why You Should Care About Ransomware

Ransomware is often used to extort funds directly from victims. Ransomware literally takes systems hostage, requiring a “ransom” to free those systems back to a usable state. This can be a very lucrative business for cyber criminals.

Ransomware, like other malware, gets into your network via bad actors who figure out a way to deliver it into your environment without “sounding an alarm” – for example, …


SF Muni Hacked. Learn How to Detect Ransomware in Your Environment

Join security expert James Brodsky for our How-to Webinar: Detection of Ransomware and Prevention Strategies on December 13.

SF Muni was hit with a ransomware attack last week, just as the prime holiday shopping season was kicking off. For many, the free fares for the weekend while Muni assessed the damage probably seemed like a holiday gift or customer service bonus.

But the lost revenues and potential $73K ransom they were asked to pay were no bonus for the IT and security teams.

News of ransomware attacks is becoming much more common these days, with a reported $209M paid to ransomware criminals in Q1 2016 and the FBI anticipating ransomware to be a $1B source of income for cybercriminals this year.

Ransomware attacks are on the rise.


Let’s Get Critical: The Capabilities You Need for an Analytics-Driven SIEM

New Webinar — register now:
Let’s Get Critical: The Capabilities You Need for an Analytics-Driven SIEM

In the Gartner 2016 Critical Capabilities for Security Information and Event Management (SIEM) report, Splunk scored the highest in all three use cases*: Basic Security Monitoring, Advanced Threat Detection, and Forensics and Incident Response.

In this report, each capability is then weighted in terms of its relative importance for specific product/service use cases.


SIEM technologies provide a set of common core capabilities that are needed for all basic security monitoring use cases. Other SIEM capabilities are more critical for the advanced threat detection or incident response and management use cases.

The eight critical capabilities used in the 2016 report to determine scores …


How Otto Gains Multichannel Visibility Into Business Transactions With Splunk

Every sector in today’s economy is being impacted in a big way by digitization. The retail industry is at the forefront. Customers have the ability to order online, in-store, or using their smartphone, and they can pick up goods in-store or have them shipped to their doorstep. Retailers that have successfully embraced digitization have seen their market share grow, along with an increasing customer base. Otto (a subsidiary of Otto Group), headquartered in Germany, is one such example of a retailer. Founded in 1949 as a mail order catalog company, Otto delivers a comprehensive, multi-channel retail environment and gives its customers flexibility in how they order their goods. As a result of successfully embracing digitization, Otto has seen their …


Security requires visibility: Transform data into AWS security insights

As I speak with customers about their plans to leverage cloud, there is one question I hear more often than not – “How can I migrate to cloud without losing end-to-end visibility across my infrastructure?”

There’s good reason for this question. After all:

  • You can’t secure what you can’t see
  • You can’t operate what you can’t see
  • You can’t manage what you can’t see
  • You can’t optimize cost for what you can’t see

Recently, I had the pleasure of speaking on a webinar together with AWS and our joint customer, EnerNOC, on how organizations can gain full visibility of their cloud or hybrid environment.

  • AWS spoke about their shared responsibility model, and the various services (CloudTrail, Config, VPC Flow Logs,

Downtime Got You Down? Webinar: Getting Started With Splunk for Application Management

Your applications are often the most important part of your business, and poor performing apps can be extremely detrimental to your bottom line as well as your company reputation. At Splunk, we help you provide the best end user experience to your customers. Whether it’s ensuring the availability of critical services, improving response time, or reducing MTTR, Splunk can help you monitor and measure the key inputs that affect customer experience (C/X).

For instance, think about response time. At 1/10th of a second, response time in application performance is nearly seamless to the end user. As response time creeps up to 1 second, or longer, that’s enough of a mental break for an end user to realize the lag …


Webinar recap: Learn How Equinix Uses Splunk as a Cloud-Based SIEM

Customer-led webinars are always an eye-opener, and the recent Splunk webinar “Learn How Equinix Uses Splunk as a Cloud-Based SIEM” on March 31, 2016, was no exception.

George Do, CISO @ Equinix, discussed Equinix’s InfoSec drivers and Equinix’s vision for “SIEM in the Cloud”, and provided detailed information on how Equinix is using Splunk Cloud and Splunk Enterprise Security to solve a wide range of security use cases and its value to Equinix.

The webinar was attended by Splunk customers as well as non-customers. 98% of the poll respondents used a SIEM, reflecting the widespread adoption of SIEM. 63% of the customers supported 10 SaaS applications and more than 32% of the customers supported 50 …


Webinar: Learn How Equinix Uses Splunk as a Cloud-Based SIEM


We understand enterprise security teams have to deal with various challenges around threat detection, threat response and threat mitigation. A few years back, security solutions that merely reported and monitored security logs and events were considered good enough. But with the complex and changing threat landscape, the above legacy approaches lack the breadth and depth required to provide a comprehensive security solution. In addition to this, you also need broader insights from all data sources generated at scale across on-prem and hybrid environments.

Our cloud-based SIEM solution helps you to overcome the above challenges and realize value right out of the box with the help of pre-built dashboards, reports, incident response workflows, analytics, correlation searches and security indicators that simplify …


Monitoring and troubleshooting critical applications? There’s a platform for that!

Do you remember where you did your holiday shopping last season? I’ll bet you did much of it online. The early returns are in, and while in-store traffic is down, online spend is up at least 14% last year. Webscale applications are critical, but it’s not just for retail anymore.

Splunk customers, such as John Lewis, Ubisoft, and Tesco, have been using Splunk software as their platform to collect, analyze and provide insight on the availability, usage and performance of their applications and services. As a result, they have the insight required to keep their apps running and performing well, and understand the usage trends that help them make better decisions.


An additional benefit of taking a platform approach involves …
