
Splunk

Adaptable Incident Response With Splunk Phantom Modular Workbooks

Splunk Phantom is a security orchestration, automation and response (SOAR) technology that lets customers automate repetitive security tasks, accelerate alert triage, and improve SOC efficiency. Case management features are also built into Phantom, including “workbooks” that allow you to codify your security standard operating procedures into reusable templates.

Splunk Recognized as Value Leader in EMA Radar Report: AIOps, A Guide for Investing in Innovation

Splunk has been recognized as a Value Leader in EMA’s latest research, Radar Report: AIOps, A Guide for Investing in Innovation. Vendors were evaluated across three categories, with Splunk listed as a Value Leader in both ‘Incident, Performance, and Availability Management’ and ‘Business Impact and IT-To-Business Alignment’, as well as Strong Value in ‘Change Impact and Capacity Optimization’.

Wait, Is Anyone QA'ing Your Software After You Release It? If Not, You Might Need a Service Owner.

Every software organization has long balanced the interlock between software developers and software quality assurance testers. While developers aim to build software to business requirements, it’s the QA team’s job to verify that they actually did.

The Business of Cybersecurity: How Security Programs Drive Business Results

Surprisingly, many organizations have yet to move beyond the traditional compliance-driven approach to cybersecurity. However, to address today’s risk of a cyber breach — which can lead to an organization’s data being compromised or a disruption to business operations — cybersecurity organizations need to focus on delivering the level of security required to protect corporate assets and align with the strategic goals and objectives of the business.

Splunk Now Top Contributor to OpenTelemetry

Editor’s note: This post is a collaboration between Tim Tully, Splunk CTO, and Spiros Xanthos, Splunk’s vice president of product management for observability and IT Ops and previously the founder and CEO of Omnition. My love for the open-source software movement began with Linux in the ’90s and grew during my time at Yahoo! in the early days of Hadoop.

The Core Enterprise Security Team Has Been Very Busy

Okay... and we’re back! Yes, there’s been a bit of a hiatus since you’ve heard from us in Core Security, but that’s not because we haven’t been busy. In fact, we’ve released a number of enhancements for both the security and user administration experiences of Splunk Enterprise. Going forward, we’ll be a bit more visible bringing you details on these enhancements.

Alerts vs Incidents vs ITSM

To effectively address production issues in your application, you need a strong incident response strategy. Incident response starts with an alert, which leads to mobilization and response, and finally results in a record of all that happened and was learned from addressing issues. In this session of Dissecting DevOps, learn about the lifecycle of incidents from alert to post mortem and why incident response is as much a strategy as a process.

MLOps - Logs, Metrics and Traces to improve your Machine Learning Systems

Once you’ve reached the point where you want to deploy your machine learning models to production, you will eventually need to monitor operations and performance. You might also want to receive alerts in case of any unexpected behavior or inconsistencies with your model or your data quality. This is where you most likely start learning about various aspects of Machine Learning Operations (MLOps).