You have spent a ton of money on your security infrastructure. But how do you string all those things together so you can achieve your goals of reducing time to response and enabling early detection and prevention of events? See a live demonstration that showcases how to operationalize those resources so that your organization can reap the maximum benefit.
2. 2
Disclaimer
During the course of this presentation, we may make forward looking statements regarding future events
or the expected performance of the company. We caution you that such statements reflect our current
expectations and estimates based on factors currently known to us and that actual events or results
could differ materially. For important factors that may cause actual results to differ from those contained
in our forward-looking statements, please review our filings with the SEC. The forward-looking
statements made in this presentation are being made as of the time and date of its live presentation.
If reviewed after its live presentation, this presentation may not contain current or accurate information.
We do not assume any obligation to update any forward looking statements we may make.
In addition, any information about our roadmap outlines our general product direction and is subject to
change at any time without notice. It is for informational purposes only and shall not be incorporated
into any contract or other commitment. Splunk undertakes no obligation either to develop the features
or functionality described or to include any such feature or functionality in a future release.
3. 3
Agenda
The super hero and the fish market – a short story
What is Security Intelligence
For the bosses
Demos and Examples
13. 13
Security Intelligence
Information relevant to protecting an
organization from external and inside
threats as well as the processes, policies
and tools designed to gather and analyze
that information.
http://whatis.techtarget.com/definition/security-intelligence-SI
15. 15
Intelligence
Actionable information that provides an
organization with decision support and possibly
a strategic advantage. SI is a comprehensive
approach that integrates multiple processes and
practices designed to protect the organization.
http://whatis.techtarget.com/definition/security-intelligence-SI
25. 25
Context and Intelligence
Integrate across technologies
Automated context matching
Automated context acquisition
Post processing and post analysis
Threat Intelligence
Asset & CMDB
API/SDK Integrations
Data Stores
Applications
28. 28
Connecting People and Data
Human mediated automation
Sharing and collaboration
Free form investigation – human intuition
Interact with views and workflows
Any data, all data
Automation | Collaboration | Investigation | Workflows | All data
31. 31
SECURITY USE CASES
SECURITY & COMPLIANCE REPORTING
REAL-TIME MONITORING OF KNOWN THREATS
MONITORING OF UNKNOWN, ADVANCED THREATS
INCIDENT INVESTIGATIONS & FORENSICS
INSIDER THREAT
Splunk Can Complement OR Replace an Existing SIEM
32. 32
SPLUNK FOR SECURITY
SECURITY APPS & ADD-ONS
SPLUNK APP FOR PCI
SIEM Security Analytics
Fraud, Theft and Abuse
Platform for Security Services
SPLUNK USER BEHAVIOR ANALYTICS
Wire data
Windows = SIEM integration
RDBMS (any) data
SPLUNK ENTERPRISE SECURITY
39. 39
What’s Next – DC Area
Workshops in McLean, VA
These workshops are tailored for beginner users who are new to Splunk and have not used it before.
April 7: Introduction to Splunk Enterprise
April 27: Introduction to Splunk Enterprise Security
May 12: Introduction to Splunk Enterprise
May 12: Introduction to Splunk IT Service Intelligence
See more at: http://www.doyouknowsplunk.com/
User Groups in DC/VA/MD:
April 18, 2016, Baltimore, MD
April 21, 2016, Herndon, VA
April 27, 2016, McLean, VA
40. 40
SEPT 26-29, 2016
WALT DISNEY WORLD, ORLANDO
SWAN AND DOLPHIN RESORTS
• 5000+ IT & Business Professionals
• 3 days of technical content
• 165+ sessions
• 80+ Customer Speakers
• 35+ Apps in Splunk Apps Showcase
• 75+ Technology Partners
• 1:1 networking: Ask The Experts and Security Experts, Birds of a Feather and Chalk Talks
• NEW hands-on labs!
• Expanded show floor, Dashboards Control Room & Clinic, and MORE!
The 7th Annual Splunk Worldwide Users’ Conference
PLUS Splunk University
• Three days: Sept 24-26, 2016
• Get Splunk Certified for FREE!
• Get CPE credits for CISSP, CAP, SSCP
• Save thousands on Splunk education!
Let’s watch this short video and see how big the problem is …
Did you feel their pain? Do you see the chaos?
So now imagine Splunk in the middle of all that, being positioned in FY’17 as a leader to help our customers fight the bad guys.
Help them do threat detection and threat analysis, be proactive and reactive, and resolve security events faster, before they cause damage.
This is a big mission and a very important one. We are helping protect not only our customers, but also our economy and our countries.
So… what is in it for us? Besides purpose and fulfillment, there is also a big financial opportunity for Splunk (click)
The process of discovering relationships across all security-relevant data, including data from IT infrastructures, point security products and all machine-generated data to rapidly adapt to a changing threat landscape.
We’re headed to the East Coast!
2 inspired Keynotes – General Session and Security Keynote + Super Sessions with Splunk Leadership in Cloud, IT Ops, Security and Business Analytics!
165+ Breakout sessions addressing all areas and levels of Operational Intelligence – IT, Business Analytics, Mobile, Cloud, IoT, Security…and MORE!
30+ hours of invaluable networking time with industry thought leaders, technologists, and other Splunk Ninjas and Champions waiting to share their business wins with you!
Join the 50%+ of Fortune 100 companies who attended .conf2015 to get hands on with Splunk. You’ll be surrounded by thousands of other like-minded individuals who are ready to share exciting and cutting edge use cases and best practices. You can also deep dive on all things Splunk products together with your favorite Splunkers.
Head back to your company with both practical and inspired new uses for Splunk, ready to unlock the unimaginable power of your data! Arrive in Orlando a Splunk user, leave Orlando a Splunk Ninja!
REGISTRATION OPENS IN MARCH 2016 – STAY TUNED FOR NEWS ON OUR BEST REGISTRATION RATES – COMING SOON!