Splunk Launches Big Data Security Solution

Enterprise Security Intelligence Solution identifies threats hidden as patterns in terabytes of data

Feb 08, 2012 | 02:24 PM


San Francisco – February 8, 2012 – Splunk Inc., a leading provider of software for real-time operational intelligence, today announced the general availability of its Enterprise Security Intelligence Solution, consisting of the Splunk App for Enterprise Security 2.0 and Splunk® Enterprise™ 4.3, the company's flagship software for collecting, indexing and harnessing machine data.

“While more and more organizations are embracing the power of big data, many are ignoring the security threats that lurk within that information. Customers who use Splunk Enterprise to monitor and analyze machine data to gain insights into their operations in real-time can use the Splunk App for Enterprise Security to monitor, identify, investigate and respond to critical known and unknown security threats,” said Christina Noren, senior vice president of solutions for Splunk.

Splunk Enterprise provides visibility into a broad range of IT events, including those that are beyond the purview of traditional security solutions but are increasingly security-relevant. Splunk’s big-data engine enables security professionals to quickly understand unknown threats hidden as patterns in terabytes of normal user-credentialed activities, indicating the presence of advanced malware or a malicious insider. The Splunk App for Enterprise Security provides the out-of-the-box security content that, combined with the core Splunk engine, delivers a next-generation security solution that provides monitoring of known threats, support for forensic investigations, big data analytics to help identify advanced persistent threats, and dashboards for security posture and investigation workflows.

“Big data and security analytics have become joined at the hip as of late,” said Andrew Hay, senior analyst for 451 Research's Enterprise Security Practice (ESP). “The ‘out-of-the-box’ security content of the new Splunk App for Enterprise Security, combined with the big data analytics capabilities of the Splunk platform, delivers users a SIEM-like experience for massive data sets.”

The new Splunk App for Enterprise Security 2.0 builds upon the innovation of previous product releases and leverages the Splunk Enterprise software, adding many benefits for security teams and support for risk management:

Real-time Event Correlation: Searches and alerts drive continuous monitoring of critical assets using dashboards and communications to members of the security team

Dashboards: Visualizations of security data support more than 100 security metrics and over 160 reports

Drill-down and drill-across: In a single click, users can access raw data quickly for analysis and pivot across the raw data-types to follow an investigation wherever it leads

Federated Identity Monitoring: Correlation of multiple user identities to identify and investigate user activities across the IT infrastructure

Enhanced incident management: The ability to reprioritize, reassign and journal security events for quick resolution and incident response

Operationalization of findings: Once a forensic investigation is complete, users can click the ‘save’ button to continuously monitor and alert for the same condition.

“The Splunk App for Enterprise Security, together with core Splunk and other community-supported apps available through SplunkBase, continue to provide a flexible solution of security metrics and dashboards that support views of our total enterprise risk,” said Dan Frye, associate vice president, Corporate Security, CedarCrestone, Inc.

Splunk App for Enterprise Security 2.0 is available to current customers for immediate download. New users can contact Splunk sales at sales@splunk.com. More information about Splunk Enterprise Security Intelligence Solution can be found here.

About Splunk Inc.

Splunk® Inc. provides the engine for machine data™. Splunk software collects, indexes and harnesses the massive machine data continuously generated by the websites, applications, servers, networks and mobile devices that power business. Splunk software enables organizations to monitor, search, analyze, visualize and act on massive streams of real-time and historical machine data. More than 3,300 enterprises, universities, government agencies and service providers in more than 75 countries use Splunk Enterprise to gain operational intelligence that deepens business understanding, improves service and uptime, reduces cost and mitigates cybersecurity risk. To learn more, please visit www.splunk.com/company.


