Splunk

splunk

Too Many Security Alerts, Not Enough Time: Automation to the Rescue

It’s 2020, which means it’s time to look back at 2019 and reminisce about the good times – fun with family and friends, good food, travel, and memories to last a lifetime. Who am I kidding? Everyone remembers the bad stuff. The increasing impacts of climate change; relentless fires in the Amazon, California, and Australia; political and social unrest around the globe; and the last season of Game of Thrones. Jon Snow... you still know nothing.

splunk

Splunk named Orange Business Service 'Digital and Data Partner of the Year'

With 2020 now well underway and the end of our financial year just around the corner, it’s a great moment to review some of the successes we have had in the EMEA Partner team over the past year. One particular highlight for us came in December when Orange Business Services, the digital transformation arm of Orange, named Splunk as its Digital & Data Partner of the Year at its annual awards in Paris.

splunk

Q&A Follow-Up: How Datev uses MITRE ATT&CK & Splunk in its SOC

Hey Everyone, We recently did a webinar with Christian Heger, technical head of the DATEV SOC, as well as Sebastian Schmerl, head of cyber defense of Computacenter. They shared their 6-month path of modernizing their security operations with help of Splunk technology and the MITRE ATT&CK framework. As we weren’t able to address all of the questions during the webinar, we discussed these afterwards and share them in this blog post as a Q&A follow-up.

splunk

Using Splunk Attack Range to Test and Detect Data Destruction (ATT&CK 1485)

Data destruction is an aggressive attack technique observed in several nation-state campaigns. This technique under MITRE ATT&CK 1485, describes actions of adversaries that may “..destroy data and files on specific systems or in large numbers on a network to interrupt availability to systems, services, and network resources. Data destruction is likely to render stored data irrecoverable by forensic techniques through overwriting files or data on local and remote drives”.

splunk

Self-Service Analytics for the Shop Floor [Part I] - Splunk Core Concepts

Despite the hype around predictive maintenance, basic data collection and analysis are still high priorities for manufacturing companies and key criteria for the success of Industrial Internet of Things (IIoT) projects. It is crucial that people who are most familiar with industrial assets, like process or control engineers, have direct access to industrial data. That way inadequate situations such as breakdowns can be resolved quickly.

splunk

Splunk and the WEF - Working together to unlock UK public sector AI

As I have mentioned in previous blogs use of AI can be challenging, but it can also deliver a lot of positive outcomes. Many of our customers believe that they have a skills and understanding gap when it comes to AI, which is why we are delighted to have been working with the World Economic Forum (WEF) to draft guidance on how these types of techniques can be used and assessed.

splunk

Google Cloud Platform Serverless Ingestion into Splunk

If you have or plan to collect data from Google Cloud Platform (GCP), you will have noticed that your option of ingesting data has been by using Splunk’s Google Cloud Platform Add-On. However, many customers are adopting “serverless” cloud services to deliver their cloud solutions. There are many reasons for this, but mainly it provides solutions that do not require any overheads of server or container management, that scale and is delivered as a part of their cloud platform.

splunk

Dizzy with Data? Stay Focused on Business Outcomes

Being a CIO is not easy these days. The industry is buzzing about data-driven business transformation, and every executive and manager wants to make data-driven decisions. For the CIO, finding the right solution – and getting the maximum benefit from it – can be overwhelming. Most customers have a minimum expectation, but beyond that it can be difficult to envision what’s possible. It’s hard to see what else data can make possible.

splunk

Rapidly Identifying Systems Critically Vulnerable to CVE-2020-0601 and Reporting for CISA Emergency Directive 20-02

Yesterday, Jan. 14, 2020, on the first “patch tuesday” of the year, Microsoft released patches for critical vulnerabilities in Microsoft Windows client and server operating systems.