Azure Network Security Groups (NSG) are used to filter network traffic to and from resources in an Azure Virtual Network. If you’re coming from AWS-land, NSG’s combine Security Groups and NACL’s. Splunking NSG flow log data will give you access to detailed telemetry and analytics around network activity to & from your NSG's. If that doesn’t sound appealing to you yet, here are some of the many things you could Splunk with your network traffic logs from Azure.
Splunk is happy to announce that we now have a Hashicorp verified Terraform Provider for Splunk. The provider is publicly available in the Terraform Registry and can be used by referencing it in your Terraform configuration file and simply executing terraform init. If you're new to Terraform and Providers, the latest version of Terraform is available here. You will need to download the appropriate binaries and have Terraform installed before using the provider.
If you’re new to the Dashboards Beta app on Splunkbase and you’re trying to get started with building beautiful dashboards, this "Dashboards Beta" blog series is a great place to start. The Splunk Dashboards app (beta) brings a new dashboard framework, intended to combine the best of Simple XML and Glass Tables, and provide a friendlier experience for creating and editing dashboards.
At Splunk, we understand that a secure platform is a trustworthy one. We strive to implement a protected foundation for our customers to turn data into action, and part of that effort is giving you more frequent insight into the security enhancements that we’ve made to the platform. In this blog series, we’ll share the latest enhancements to Splunk Enterprise, review our security features in depth, and explain why these updates are important for you and your organization.
As IT leaders, we are facing an era of unprecedented events. Not only are IT teams still adapting to working and living from home — with many companies now announcing their support for a remote workforce indefinitely — but they’re also facing a novel combination of heightened external pressures from family, friends and colleagues.
Splunk Phantom is a security orchestration, automation and response (SOAR) technology that lets customers automate repetitive security tasks, accelerate alert triage, and improve SOC efficiency. Case management features are also built into Phantom, including “workbooks,” that allow you to codify your security standard operating procedures into reusable templates.
Splunk has been recognized as a Value Leader in EMA’s latest research, Radar Report: AIOps, A Guide for Investing in Innovation. Vendors were evaluated across three categories, with Splunk listed as a Value Leader in both ‘Incident, Performance, and Availability Management’ and ‘Business Impact and IT-To-Business Alignment’, as well as Strong Value in ‘Change Impact and Capacity Optimization’.
Every software organization has long balanced the interlock between software developers and software quality assurance testers. While developers aim to build software to business requirements, it’s the QA team’s job to verify that they actually did.
Surprisingly, many organizations have yet to move beyond the traditional compliance-driven approach to cybersecurity. However, to address today’s risk of a cyber breach — which can lead to an organization’s data being compromised or a disruption to business operations — cybersecurity organizations need to focus on delivering the level of security required to protect corporate assets and align with the strategic goals and objectives of the business.
Okay... and we’re back! Yes, there’s been a bit of a hiatus since you’ve heard from us in Core Security, but that’s not because we haven’t been busy. In fact, we’ve released a number of enhancements for both the security and user administration experiences of Splunk Enterprise. Going forward, we’ll be a bit more visible bringing you details on these enhancements.
