- Slides: 36
Copyright © 2015 Splunk Inc. Finding the signal in the noise: Effective SecOps with Sophos & Splunk Cloud. Ross McKerchar, Sophos
Introduction and Splunk Overview Andrew Morris, Splunk
Agenda: 6:30 Introduction and Splunk Overview; 6:50 Finding the signal in the noise: Effective SecOps with Sophos & Splunk Cloud; 7:20 Demo: Splunk Enterprise Security and App for AWS; 7:50 Q&A
SECURITY INTELLIGENCE IN THE CLOUD Andrew Morris Director of Cloud, EMEA #Splunk
CLOUD AND HYBRID IT SOFTWARE-DEFINED DATACENTERS CONTINUOUS APP DELIVERY ANALYTICS-DRIVEN SECURITY INTERNET OF THINGS
Make machine data accessible, usable and valuable to everyone.
Why Splunk? FAST TIME-TO-VALUE ANY DATA, ANY SOURCE, ASK ANY QUESTION VISIBILITY ACROSS STACK, NOT JUST SILOS ONE PLATFORM, MULTIPLE USE CASES CLOUD, ON-PREMISE & HYBRID DEPLOYMENT
Disruptive Approach to Unstructured Data Traditional Splunk Schema at Write Schema at Read SQL Search ETL Universal Indexing Structured RDBMS Unstructured Volume Velocity Variety
Turning Machine Data Into Business Value Index Untapped Data: Any Source, Type, Volume Online Services On-Premises Servers Application Delivery Web Services Security GPS Location Networks Private Cloud Storage Public Cloud IT Operations Packaged Applications Desktops Messaging Online Shopping Cart Telecoms Web Clickstreams Custom Applications Security, Compliance and Fraud RFID Energy Meters Databases Smartphones and Devices Ask Any Question Call Detail Records Business Analytics Industrial Data and the Internet of Things
Proven Customer Value Across Use Cases & Industries Increased revenues from higher uptime Revenues from faster product launch Savings from fraud prevention Value from preventing APTs Reduction in SLA payouts Optimizing fuel use with sensor data $11.0M $25.0M $10.0M $200+M $1.8M $1.0+B $1.0+B Online Services High Tech Manufacturing Financial Services Oil & Gas Services Telecom Provider Transportation
IT Operations Application Delivery Security, Compliance and Fraud Business Analytics Internet of Things and Industrial Data Platform for Machine Data
The Splunk Portfolio Splunk Premium Solutions 1000+ Apps and Add-Ons Platform for Operational Intelligence Forwarders Syslog/TCP Mobile IoT Devices Network Wire Data Hadoop Relational Databases Mainframe Data
Fully Integrated Enterprise Platform Index Data Collect Data Scale HA / DR Search & Explore Alert & Action Enrich Data Security Admin Report & Visualize Apps Analyze & Predict SDKs/API
Cloud Is a Journey and Splunk Is Your Partner 100% Uptime SLA Instant Secure Reliable Hybrid
How Gatwick Airport Ensures Better Passenger Experience With Splunk Cloud On-time efficiency & dramatic queue reduction with 925 flights per day Data from airport gates, board pass scans, x-ray, travel, passenger flow Real-time, predictive airfield analytics deliver on mobile app & Apple watch
Modern Threat Landscape Realities Vulnerabilities Compromises You Can Disrupt Breaches
Splunk Security Intelligence Insider Threat Incident Investigations and Forensics Security Analytics Security and Compliance Reporting Fraud Detection Monitor and Detect Known/ Unknown Threats
Single Platform for Security Intelligence Splunk Complements, Replaces and Goes Beyond Existing SIEMs INCIDENT INVESTIGATIONS & FORENSICS SECURITY & COMPLIANCE REPORTING REAL-TIME MONITORING OF KNOWN THREATS DETECT UNKNOWN THREATS FRAUD DETECTION INSIDER THREAT
Rapid Ascent in the Gartner SIEM Magic Quadrant* 2015 Leader and the only vendor to improve its visionary position 2014 Leader 2013 Leader 2012 Challenger 2011 Niche Player *Gartner, Inc., SIEM Magic Quadrant 2011-2015. Gartner does not endorse any vendor, product or service depicted in its research publication and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
How Telenor protects their network using Splunk Enterprise Security 1 TB of Daily Data with “Splunk Everything” Strategy for Network, Security and IT Data Baseline “Normal” Monitoring of Security and Operations – Real-time Analysis of Deviation Detect and Prevent Security Issues Enabling “Central Emergency Response Team”
With Splunk, Your Enterprise Data Platform: Different PEOPLE Asking Different QUESTIONS Of the SAME DATA. Security Operations, Business Operations, IT Operations
Thriving Community Over 1000 Apps 65,000+ questions and answers Local User Groups and SplunkLive! events dev.splunk.com
Easy to Try and Get Started: 1. Free Cloud Trial 2. Free Software Download 3. Free Enterprise Security Sandbox
Join us to hear more: Wednesday 11th May 2016 Westminster Park Plaza, London Register at: http://live.splunk.com/london
Finding the signal in the noise: Effective SecOps with Sophos & Splunk Cloud. Ross McKerchar, Sophos
About Sophos • Founded 1985 in Abingdon, UK • 2,200 employees • Over 200,000 customers • 100+ million users
Our challenge Keeping up with this…
Our strategy Make change easy ‘Brutal’ prioritisation Focus on the achievable
Operational Intelligence Maturity IT Operations Security Customer experience Log gathering
Security Operations Maturity 4. Security automation Automation 3. Governance Optimising Proactive 2. Threat detection Protection 1. Log gathering Governance Reactive
Our Splunk Deployment Sophos Safeguard Sophos Mobile Control Amazon Web Services Logs Sophos PureMessage Sophos Wireless Sophos Firewall Sophos Endpoint Security Sophos Cloud Sophos UTM Windows Logs
Demo
Q&A
Thank You