SplunkLive! Customer Presentation - Hurricane Labs

Published in: Technology, Business
Transcript

  • 1. Matt Yonchak: Director of Security Services; Hurricane Labs; Managed Security Provider; Cleveland, OH; Avid Cleveland sports cynic
  • 2. What Hurricane Labs Does: Security Monitoring and Analysis; Performance Monitoring; Vulnerability Management; Splunk MSSP
  • 3. Security Monitoring and Analysis
  • 4. Typical Security Data: IPS; Proxy; Firewall; WAF
  • 5. Non-Typical Data (but still relevant to security): Web Application Data; Voice and Communication; Email; Performance Monitoring; ID Management; External Data Sources
  • 6. Performance Monitoring. Comprised of different areas: System Resources; Up / Down Monitoring; System Processes; Bandwidth Utilization
  • 7. Performance monitoring
  • 8. Vulnerability Management: Penetration testing and lots of it
  • 9. Vulnerability Management: More frequent = more data. Clients given a score. Splunk pulls in pen test data.
  • 10. Hurricane Labs Big Data Problem
  • 11. Our Big Data Problem: Statistics on HL big data
  • 12. What Goes Into the HD portal Splunk Instance? (It's A LOT): Icinga; Cacti; Pentest results; Tickets; Changelogs; IDS/IPS events; HIDS; Vulnerability Scanners; Port Scanners; Event Logs; Syslogs; Firewall events; Audit events; PCI events
  • 13. Making 246 Million Events Work For You. How we filter down so many events to provide security intelligence: Proper tuning (not just turning stuff off)
  • 14. Capabilities that Splunk Provides to the HD Services: Gives a broader security picture; Correlation across clients; Warn of industry attack trends
  • 15. Capabilities that Splunk Provides to the HD Portal: Flexible Reporting; Searchable Log Data; Correlation
  • 16. Hurricane Defense Portal: Digital interface with our clients; How we show transparency; Allows our clients to interact with their big data; A way to see the service side vs. the technical side
  • 17. What makes the HD portal tick?
  • 18. Why the Splunk SDK Is So Great: "Makes things more Pythonic" – yes, that's a quote; Allows for faster development times and faster version releases of the portal; Helped us to develop a custom UI
  • 19. Splunk Driven Dashboard Data Reports Monitoring Trends
  • 20. Splunk Helped Tame Our Big Data
  • 21. In Closing
  • 22. Questions? Contact Me: Call @ 888-276-4106 x106; E-mail @ matt@hurricanelabs.com. Thank you for your time!
