Md Mofijul Haque, profile picture
Uploaded byMd Mofijul Haque
PPTX, PDF642 views

Splunk Enterprise Security

This presentation introduces Splunk Enterprise Security (ES) and its security portfolio. It discusses Splunk's workflow and frameworks that enable key security use cases. The frameworks presented include Notable Events, Asset and Identity, Risk, Threat Intelligence, and Adaptive Response. Desh Cyber is highlighted as a reliable partner that provides Splunk-based security solutions along with training and 24/7 monitoring services.

Embed presentation

Downloaded 15 times
Presentation Topics : Splunk Enterprise Security(ES). Presenter : Md Mofijul Haque Business Development Executive Sabuz@deshcloud.com
OUTCOME….  INTRODUCE WITH SPLUNK ENTERPRISE SECURITY(ES) SPLUNK SECURITY PORTFOLIO SPLUNK WORKFLOW & FRAMEWORK FRAMEWORKS ENABLE USE CASES WHY DESH CYBER IS RELIABLE Q&A
SPLUNK TURNS MACHINE DATA INTO ANSWERS
MOSTLY FACED SECURITY OPERATIONS NOW A DAYS
SPLUNK WORK AS FULLY OPTIMIZED FOR MODERN SECURITY OPERATIONS
SPLUNK SECURITY PORTFOLIO
HOW SPLUNK ETERPRISE SECURITY WORKS
SPLUNK ENTERPRISE SECURITY FRAMEWORK
WORKFLOW FOR STREAMLINED INCIDENT MANAGEMENT NOTABLE EVENTS FRAMEWORK Streamline Incident Management Consolidated incident management allows effective lifecycle management of security incidents. Make Rapid Decisions Automatically aligns all security context together for fast incident qualification and provides predefined analysis paths Refine Security Management Investigation management and customizations to support complex process integration requirements.
NOTABLE EVENTS AND INCIDENT REVIEW Use for Security Operations “Application” logics are pre-built on top of Splunk Enterprise as data platform. Provide graphically oriented user experience supporting the security operations workflow Intuitive User Interface Optimized for Security Operations Security operational tasks designed into user interface versus search bar interface. Key relevant information automatically presented as summary of incident.
INCIDENT REVIEW INTERFACE
SEARCH AND NAVIGATION INTERFACE
CONSOLIDATED INCIDENT MANAGEMENT INTERFACE
WORKFLOW PROCESS 1: EVENT OVERVIEW
WORKFLOW PROCESS 2: INCIDENT CONTEXT
WORKFLOW PROCESS 3: ANALYSIS ACTIONS
WORKFLOW PROCESS 4: REMEDIATION ACTIONS
NOTABLE EVENT FRAMEWORK
ASSET AND IDENTITY FRAMEWORK Automatically maps asset and identity context to incidents Fast Incident Qualification By automating context enrichment, SecOps can qualify more incidents quickly Extended Situation Based Insights Rich enrichment allows more accurate assessment of situational aspect of incidents
SECURITY ENRICHED CONTEXT..
ASSET AND IDENTITY FRAMEWORK : ASSET DATABASE
ASSET AND IDENTITY FRAMEWORK : IDENTITY DATABASE
ASSET AND IDENTITY FRAMEWORK : ENRICHMENT
REPRESENTATIVE LIST OF ASSETS AND IDENTITIES
ASSET AND IDENTITY FRAMEWORK
RISK FRAMEWORK Quantitative metrics are applied to distinguish importance
RISK ANALYSIS DASHBOARD
RISK ANALYSIS WITH INCIDENT REVIEW
RISK FRAMEWORK
THREAT INTELLIGENCE FRAMEWORK Finding hidden IOCs using comprehensive threat intelligence mappings
THREAT INTEL SUPPORT
CONFIGURE THREAT INTELLIGENCE
THREAT INTELLIGENCE IN INCIDENT REVIEW
THREAT ACTIVITY
THREAT INTELLIGENCE FRAMEWORK
USE CASE LIBRARY
SPLUNK AS THE SECURITY NERVE CENTER
ADAPTIVE RESPONSE FRAMEWORK
ADAPTIVE RESPONSE FRAMEWORK
FRAMEWORKS ENABLE USE CASES
REWIND…
WHY DESH CYBER ? • HIGHLY EXPERIENCED TECHNICAL TEAM . • BEST COMPETITIVE PRICE WITH BEST SERVICE. • FIRST BANGLADESHI COMPANY TO ASSOCIATE PARTNER WITH SPLUNK . • WE WILL PROVIDE TRAINING TO YOUR ORGANIZATIONS . • DESH CYBER WILL PROVIDE 24/7 MONITORING TO YOUR ORGANIZATIONS .
WE ALSO PROVIDE …. PHISHING AWARNESS TRAING (KNOWBE4) EMAIL THREAT SOLUTIONS (VAILMAIL) CISCO UMBRELLA & MANY OTHER SECURITY TOOLS AND SERVICES
STAY WITH US .THANKS YOU
Q & A ? Reference Credit Goes To Him

More Related Content

PPTX
Splunk Phantom SOAR Roundtable
bySplunk
 
PPTX
Exploring Frameworks of Splunk Enterprise Security
bySplunk
 
PPTX
Security Automation & Orchestration
bySplunk
 
PPTX
Getting Started with Splunk (Hands-On)
bySplunk
 
PPTX
Splunk Cloud
bySplunk
 
PPTX
QRadar, ArcSight and Splunk
byM sharifi
 
PPTX
dlux - Splunk Technical Overview
byDavid Lutz
 
PPTX
Threat Hunting with Splunk Hands-on
bySplunk
 
Splunk Phantom SOAR Roundtable
bySplunk
 
Exploring Frameworks of Splunk Enterprise Security
bySplunk
 
Security Automation & Orchestration
bySplunk
 
Getting Started with Splunk (Hands-On)
bySplunk
 
Splunk Cloud
bySplunk
 
QRadar, ArcSight and Splunk
byM sharifi
 
dlux - Splunk Technical Overview
byDavid Lutz
 
Threat Hunting with Splunk Hands-on
bySplunk
 

What's hot

PPTX
Splunk Enterprise Security
bySplunk
 
PPTX
Splunk for Enterprise Security and User Behavior Analytics
bySplunk
 
PDF
Splunk-Presentation
byPrasadThorat23
 
PPTX
PPT-Splunk-LegacySIEM-101_FINAL
byRisi Avila
 
PPTX
Splunk for Enterprise Security featuring User Behavior Analytics
bySplunk
 
PPTX
Splunk overview
byDaniel Hernandez
 
PPTX
Splunk Security Session - .conf Go Köln
bySplunk
 
PPTX
Splunk for Enterprise Security featuring User Behavior Analytics
bySplunk
 
PPTX
SplunkLive 2011 Beginners Session
bySplunk
 
PPTX
Splunk Dashboarding & Universal Vs. Heavy Forwarders
byHarry McLaren
 
PPTX
SOC and SIEM.pptx
bySandeshUprety4
 
PPTX
Splunk Overview
bySplunk
 
PPTX
Splunk Overview
bySplunk
 
PPTX
Splunk Architecture
byKishore Chaganti
 
PDF
Micro segmentation and zero trust for security and compliance - Guardicore an...
byYouAttestSlideshare
 
PPTX
Splunk for Security-Hands On
bySplunk
 
PPTX
Getting started with Splunk - Break out Session
byGeorg Knon
 
PDF
Building an Analytics Enables SOC
bySplunk
 
PPTX
Splunk Architecture overview
byAlex Fok
 
PPTX
How to justify the economic value of your data investment
bySplunk
 
Splunk Enterprise Security
bySplunk
 
Splunk for Enterprise Security and User Behavior Analytics
bySplunk
 
Splunk-Presentation
byPrasadThorat23
 
PPT-Splunk-LegacySIEM-101_FINAL
byRisi Avila
 
Splunk for Enterprise Security featuring User Behavior Analytics
bySplunk
 
Splunk overview
byDaniel Hernandez
 
Splunk Security Session - .conf Go Köln
bySplunk
 
Splunk for Enterprise Security featuring User Behavior Analytics
bySplunk
 
SplunkLive 2011 Beginners Session
bySplunk
 
Splunk Dashboarding & Universal Vs. Heavy Forwarders
byHarry McLaren
 
SOC and SIEM.pptx
bySandeshUprety4
 
Splunk Overview
bySplunk
 
Splunk Overview
bySplunk
 
Splunk Architecture
byKishore Chaganti
 
Micro segmentation and zero trust for security and compliance - Guardicore an...
byYouAttestSlideshare
 
Splunk for Security-Hands On
bySplunk
 
Getting started with Splunk - Break out Session
byGeorg Knon
 
Building an Analytics Enables SOC
bySplunk
 
Splunk Architecture overview
byAlex Fok
 
How to justify the economic value of your data investment
bySplunk
 

Similar to Splunk Enterprise Security

PPTX
Learn how to use an Analytics-Driven SIEM for your Security Operations
bySplunk
 
PPTX
Exploring Frameworks of Splunk Enterprise Security
bySplunk
 
PPTX
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018
bySplunk
 
PPTX
Splunk for Security Breakout Session
bySplunk
 
PPTX
SplunkLive! London 2017 - Build a Security Portfolio That Strengthens Your Se...
bySplunk
 
PDF
Webinar: Neues zur Splunk App for Enterprise Security
byGeorg Knon
 
PDF
Splunk for security
byGreg Hanchin
 
PPTX
Splunk Discovery Day Dubai 2017 - Security Keynote
bySplunk
 
PDF
Splunk app for_enterprise_security
byGreg Hanchin
 
PDF
SplunkLive Auckland 2015 - Splunk for Security
bySplunk
 
PDF
SplunkLive Wellington 2015 - Splunk for Security
bySplunk
 
PDF
Splunk for Security
byGabrielle Knowles
 
PPTX
SplunkLive! - Splunk for Security
bySplunk
 
PPTX
SplunkLive! Munich 2018: Intro to Security Analytics Methods
bySplunk
 
PDF
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
bySplunk
 
PDF
Splunk Discovery: Warsaw 2018 - Intro to Security Analytics Methods
bySplunk
 
PDF
Analytics Driven SIEM Workshop
bySplunk
 
PDF
SplunkLive! Amsterdam 2015 - Analytics based security breakout
bySplunk
 
PPTX
SplunkLive! Tampa: Splunk for Security - Hands-On Session
bySplunk
 
PPTX
Build a Security Portfolio That Strengthens Your Security Posture
bySplunk
 
Learn how to use an Analytics-Driven SIEM for your Security Operations
bySplunk
 
Exploring Frameworks of Splunk Enterprise Security
bySplunk
 
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018
bySplunk
 
Splunk for Security Breakout Session
bySplunk
 
SplunkLive! London 2017 - Build a Security Portfolio That Strengthens Your Se...
bySplunk
 
Webinar: Neues zur Splunk App for Enterprise Security
byGeorg Knon
 
Splunk for security
byGreg Hanchin
 
Splunk Discovery Day Dubai 2017 - Security Keynote
bySplunk
 
Splunk app for_enterprise_security
byGreg Hanchin
 
SplunkLive Auckland 2015 - Splunk for Security
bySplunk
 
SplunkLive Wellington 2015 - Splunk for Security
bySplunk
 
Splunk for Security
byGabrielle Knowles
 
SplunkLive! - Splunk for Security
bySplunk
 
SplunkLive! Munich 2018: Intro to Security Analytics Methods
bySplunk
 
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
bySplunk
 
Splunk Discovery: Warsaw 2018 - Intro to Security Analytics Methods
bySplunk
 
Analytics Driven SIEM Workshop
bySplunk
 
SplunkLive! Amsterdam 2015 - Analytics based security breakout
bySplunk
 
SplunkLive! Tampa: Splunk for Security - Hands-On Session
bySplunk
 
Build a Security Portfolio That Strengthens Your Security Posture
bySplunk
 

Recently uploaded

PDF
Smart Cloud Solutions-Smart,Secure & Scalable
byfloydjsmith02
 
PPTX
AI in Marine Insurance Future of Smarter Risk, Faster Claims & Safer Shipping...
byAutomationEdge Technologies
 
PDF
Azure DevOps Managed Services: Driving Speed, Security, and Business Growth
byjohncarterjn
 
PPTX
Coded Agents – with UiPath SDK + LlamaIndex.pptx
bysuhanisingh58689
 
PDF
Why Are Cloud Migration Services Essential for Modern Business Growth?
byGeoPITS Global Pvt Ltd
 
PDF
Unlocking Gen AI Capabilities Within UiPath Document Understanding
byDianaGray10
 
PPTX
Achieve enterprise automation with SAP BTP solutions and SAP Signavio
bydarrellkiwi
 
PPTX
Spacewalk 2026 - Presented at the IMAX in Raleigh, NC
byAll Things Open
 
PPTX
Storage-and-HCI-Positioning-update-sales.pptx
byhungungphu123
 
PDF
How to Build a Crypto Wallet that Excels in 2026.pdf
byimoliviabennett
 
PDF
MINDCTI Revenue Release Quarter 3 2025 - Financial Presentation
byMIND CTI
 
PPTX
Mastering SQL Server Replication: Types, Setup & Troubleshooting
byGeoPITS Global Pvt Ltd
 
PDF
5G Explained! A High Level Overview [Introduction]
byLuciano Motta
 
PDF
Agentic AI Roadmap 2026: Mastering Autonomous AI Workflows and Systems
byAeafat Ahmed Mubin
 
PDF
What Is AI LXP and Why Enterprises Are Adopting It.pdf
byneuralminds4
 
PDF
Talaria: A Sound-Driven Music Search Engine for Discovery Beyond Metadata
byShuen-Huei Guan
 
DOCX
Best Web to Learn About Buying Verified Skrill Accounts (Los Angeles).docx
byhttps://topsellerit.com/product/buy-verified-binance-accounts/
 
PPTX
Advance Computer Architecture Lecture 4.pptx
byBottshikanBottshikan
 
PPTX
Robot Vacuums are Cleaning Up. The global robot vacuum segment has high marke...
byRobert March
 
PDF
Lightweight, Travel-Ready Freedom for Adults and Seniors
byTopmate
 
Smart Cloud Solutions-Smart,Secure & Scalable
byfloydjsmith02
 
AI in Marine Insurance Future of Smarter Risk, Faster Claims & Safer Shipping...
byAutomationEdge Technologies
 
Azure DevOps Managed Services: Driving Speed, Security, and Business Growth
byjohncarterjn
 
Coded Agents – with UiPath SDK + LlamaIndex.pptx
bysuhanisingh58689
 
Why Are Cloud Migration Services Essential for Modern Business Growth?
byGeoPITS Global Pvt Ltd
 
Unlocking Gen AI Capabilities Within UiPath Document Understanding
byDianaGray10
 
Achieve enterprise automation with SAP BTP solutions and SAP Signavio
bydarrellkiwi
 
Spacewalk 2026 - Presented at the IMAX in Raleigh, NC
byAll Things Open
 
Storage-and-HCI-Positioning-update-sales.pptx
byhungungphu123
 
How to Build a Crypto Wallet that Excels in 2026.pdf
byimoliviabennett
 
MINDCTI Revenue Release Quarter 3 2025 - Financial Presentation
byMIND CTI
 
Mastering SQL Server Replication: Types, Setup & Troubleshooting
byGeoPITS Global Pvt Ltd
 
5G Explained! A High Level Overview [Introduction]
byLuciano Motta
 
Agentic AI Roadmap 2026: Mastering Autonomous AI Workflows and Systems
byAeafat Ahmed Mubin
 
What Is AI LXP and Why Enterprises Are Adopting It.pdf
byneuralminds4
 
Talaria: A Sound-Driven Music Search Engine for Discovery Beyond Metadata
byShuen-Huei Guan
 
Best Web to Learn About Buying Verified Skrill Accounts (Los Angeles).docx
byhttps://topsellerit.com/product/buy-verified-binance-accounts/
 
Advance Computer Architecture Lecture 4.pptx
byBottshikanBottshikan
 
Robot Vacuums are Cleaning Up. The global robot vacuum segment has high marke...
byRobert March
 
Lightweight, Travel-Ready Freedom for Adults and Seniors
byTopmate
 

Splunk Enterprise Security

Editor's Notes

  • #4 Make Machine Data Accessible, Usable and Valuable to Everyone. Regardless of your organization's size and industry
  • #5 Data ingestion is a process by which data is moved from one or more sources to a destination where it can be stored and further analyzed
  • #6 A petabyte is a measure of memory or data storage capacity that is equal to 2 to the 50th power of bytes. UEBA is able to model the behavior of both humans and also the machines within network.  Security Orchestration, Automation and Response (SOAR)
  • #7 Within a volume of time and space, the perception of an enterprise's security posture and its threat environment; the comprehension/meaning of both taken together (risk); and the projection of their status into the near future.
  • #10 An incident management process is a set of procedures and actions taken to respond to and resolve critical incidents: how incidents are detected and communicated, who is responsible, what tools are used, and what steps are taken to resolve the incident.
  • #16 prioritize where action should be taken first. ... This strategy ensures the most effective actions are taken to keep the business running
  • #32 Threat intelligence is knowledge that allows security teams to prevent or mitigate cyberattacks. pieces of forensic data, such as data found in system log entries or files, that identify potentially malicious activity on a system or network.”
  • #39 Ad Hoc generally signifies a solution designed for a specific problem or task, non-generalizable, and not intended to be adapted to other purposes
  • #40 A correlation search is a type of scheduled search. It lets you detect suspicious events and patterns in your data
  • #42 Mandate is  an authoritative command especially
  • #43 SaaS applications are sometimes called Web-based software, on-demand software, or hosted software. Whatever the name, SaaS applications run on a SaaS provider's servers.