The main focus for cybersecurity teams — moving beyond compliance — is to deliver the level of security required to manage the likelihood of a breach and the potential impact to the business. This is more effective than simply focusing on the cost of delivering security services.
Suffering from severe headaches during meetings, feeling fatigued and lethargic due to lengthy PowerPoints and monologues (you know, the ones that go on and on)? If that sounds oh so familiar to you, we have good news: it’s not you. And (usually) neither your colleagues nor their presentations are to blame. More often than not, the culprit for a “meeting hangover” is “bad”, stale air.
When it comes to patient care, convenience and trust are critical to success. Healthcare startup Galileo prioritizes just that through technology that gives people 24/7 access to medical care and improves the dialogue between patients and their doctors. Galileo ensures uptime, minimizes latency, and reduces errors so patients get the help they need when they need it and can ultimately live better, healthier lives.
Event Hubs are a big data streaming PaaS capability provided by Azure. Event Hubs can process data or telemetry produced from your Azure environment. They also provide us a scalable method to get your valuable Azure data into Splunk! Splunk add-ons like the Splunk Add-on for Microsoft Cloud Services and the Microsoft Azure Add-on for Splunk provide the ability to connect to and ingest all kinds of data sources from your Azure environment.
The recent disclosure of the CVE-2020-1472 vulnerability by Microsoft showcases the need for tools that allow defenders to quickly replicate published exploit code, register attack data, and create signatures or other mitigations against released exploits with a high likelihood of exploitation against popular infrastructure or operating systems.
What exactly is the Data Age? Well, there is no single definition of what this means - but my interpretation is that it refers to the fact that data can now be used as a foundation for decision making in every department of every business. And with the volume of data generated forecast to continue to grow exponentially up until 2025 according to IDC, the possibilities for using data to drive informed decision making are only going to increase.
Azure Network Security Groups (NSGs) are used to filter network traffic to and from resources in an Azure Virtual Network. If you’re coming from AWS-land, NSGs combine Security Groups and NACLs. Splunking NSG flow log data will give you access to detailed telemetry and analytics around network activity to and from your NSGs. If that doesn’t sound appealing to you yet, here are some of the many things you could Splunk with your network traffic logs from Azure.
Splunk is happy to announce that we now have a HashiCorp verified Terraform Provider for Splunk. The provider is publicly available in the Terraform Registry and can be used by referencing it in your Terraform configuration file and simply executing terraform init. If you're new to Terraform and Providers, the latest version of Terraform is available here. You will need to download the appropriate binaries and have Terraform installed before using the provider.
If you’re new to the Dashboards Beta app on Splunkbase and you’re trying to get started with building beautiful dashboards, this "Dashboards Beta" blog series is a great place to start. The Splunk Dashboards app (beta) brings a new dashboard framework, intended to combine the best of Simple XML and Glass Tables, and provide a friendlier experience for creating and editing dashboards.
At Splunk, we understand that a secure platform is a trustworthy one. We strive to implement a protected foundation for our customers to turn data into action, and part of that effort is giving you more frequent insight into the security enhancements that we’ve made to the platform. In this blog series, we’ll share the latest enhancements to Splunk Enterprise, review our security features in depth, and explain why these updates are important for you and your organization.
As IT leaders, we are facing an era of unprecedented events. Not only are IT teams still adapting to working and living from home — with many companies now announcing their support for a remote workforce indefinitely — but they’re also facing a novel combination of heightened external pressures from family, friends and colleagues.
Splunk Phantom is a security orchestration, automation and response (SOAR) technology that lets customers automate repetitive security tasks, accelerate alert triage, and improve SOC efficiency. Case management features are also built into Phantom, including “workbooks,” that allow you to codify your security standard operating procedures into reusable templates.
Splunk has been recognized as a Value Leader in EMA’s latest research, Radar Report: AIOps, A Guide for Investing in Innovation. Vendors were evaluated across three categories, with Splunk listed as a Value Leader in both ‘Incident, Performance, and Availability Management’ and ‘Business Impact and IT-To-Business Alignment’, as well as Strong Value in ‘Change Impact and Capacity Optimization’.
Every software organization has long balanced the interlock between software developers and software quality assurance testers. While developers aim to build software to business requirements, it’s the QA team’s job to verify that they actually did.
Surprisingly, many organizations have yet to move beyond the traditional compliance-driven approach to cybersecurity. However, to address today’s risk of a cyber breach — which can lead to an organization’s data being compromised or a disruption to business operations — cybersecurity organizations need to focus on delivering the level of security required to protect corporate assets and align with the strategic goals and objectives of the business.
Okay... and we’re back! Yes, there’s been a bit of a hiatus since you’ve heard from us in Core Security, but that’s not because we haven’t been busy. In fact, we’ve released a number of enhancements for both the security and user administration experiences of Splunk Enterprise. Going forward, we’ll be a bit more visible bringing you details on these enhancements.
Editor’s note: This post is a collaboration between Tim Tully, Splunk CTO, and Spiros Xanthos, Splunk’s vice president of product management for observability and IT Ops and previously the founder and CEO of Omnition. My love for the open-source software movement began with Linux in the ’90s and grew during my time at Yahoo! in the early days of Hadoop.
What’s the buzz around AIOps? According to Gartner, “AIOps is the application of machine learning (ML) and data science to IT operations problems.” Though the terms AI and ML conjure images of almost magical capabilities, devoid of connection to the domain in which they’re applied, the reality is far different.