Vice President of Security and Privacy for Intermedia. For all products, all services, all infrastructure, all offices, all intellectual property
I’ll describe Intermedia as a cloud-based business services company that serves about 70,000 businesses in North America. We provide essential IT services that businesses need simply to do business—including email, voice, file syncing and sharing, conferencing, instant messaging, identity and access management, mobility, security and archiving.
And our focus is on e-mail, voice, thoughts they can share and single sign-on identity services, so all managed through a single platform.
Firewalls, IDS, Application Logs, System Logs, Badge Logs, Threat Lists, AV Logs, DNS Logs, HTTP Logs
Only wanted a cloud solution – lean teams need a cloud solution. No time spent on infrastructure. He wants to be a user of the system, not an admin.
Built dynamic threat severity prioritization system – incorporating vulnerability data, 3rd party intelligence tools and history. Not a matter of just saving time, they can do something they couldn't do before.
Built instant SOC. Splunk is foundational technology for their SOC.
Monitoring policy violations and anomalous behavior worldwide.
Example of policy violation is someone within the network running software that's not allowed in the environment – like a vulnerability scanner.
Example of anomalous behavior is a large file transfer.
Capturing KPIs for security investigations
Splunk on desktops – key part of effort to protect against data exfiltration
IT Ops: KPIs on incident resolution. Ryan is also the VP of IT.
Talk about your personal CIO Dashboard and the operational intelligence it provides you.
Business analytics: Billing use case – time from call to billing – pain is that finance team couldn't bill faster
ARE OTHER TEAMS USING SPLUNK at Equinix?
Security – Now – How many folks. 6 people.
Infrastructure for monitoring app performance
DevOps…looking to Splunk to bake processes into development. Triggered alerts. Service down, KPIs.
LOOKING AT HURRICANE LABS TO HELP OPERATE BETTER IN THIS ENVIRONMENT.
Help manage Splunk. Write correlation events as we define them in terms of use cases.
Use a service skilled in that work rather than doing it themselves.
Security ops center