Security Analytics in Big Data


Alexandre F Moraes, CISSP
Solutions Architect Manager Latin America
HP Enterprise Security
[email protected]

© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.

Collect, Consolidate, Correlate

[Diagram labels: HP Enterprise Security; SaaS, PaaS, IaaS; Hybrid Cloud, Public Cloud, Private Cloud; Finance, APP, Division A, Division B]

Vulnerability Awareness
- Vulnerability Scanning
- Source Code Analysis
- Software Security Assurance

Proactive Defense
- Flexible Security-Zone Segmentation
- Well-Known- and Zero-Day-Exploit Protection
- Adaptive Network Defense

Visibility
- Security-Information and Event Management System
- Event Correlation
- Context-Visibility

New! NGFW

[Figure: appliance front panels]

• S1050F – 500Mbps / 250Mbps (FW+AppID / FW+IPS)
• S3010F – 1Gbps / 500Mbps (FW+AppID / FW+IPS)
• S3020F – 2Gbps / 1Gbps (FW+AppID / FW+IPS)
• S8005F – 5Gbps / 2.5Gbps (FW+AppID / FW+IPS)
• S8010F – 10Gbps / 5Gbps (FW+AppID / FW+IPS)
• S8020F – 20Gbps / 10Gbps (FW+AppID / FW+IPS)

Accelerating innovation & time to value

[Figure: word cloud of applications and service providers. Era labels: Mainframe, Client/Server, The Internet, Mobile, Social, Big Data & The Cloud. Data volume labels: Kilobytes, Megabytes, Gigabytes, Zettabytes, Yottabytes]

Every 60 seconds:
• 98,000+ tweets
• 695,000 status updates
• 11 million instant messages
• 698,445 Google searches
• 168 million+ emails sent
• 1,820TB of data created
• 217 new mobile web users

Big Data

• Walmart: 1 million transactions per hour: 2.56 terabytes / day
• Facebook: 50 billion pictures in the database
• 50% of the data is unstructured: video, images, audio...

Big Data landscape

• Machine Data and Human Information: annual growth ~100%, 90% of information
• Business Data: annual growth ~10%, 10% of information

Business challenge: Opportunities lost / Competitive advantage in the digital universe in 2012

Massive amounts of useful data are getting lost:
• 23%: % of data that would be potentially useful IF tagged and analyzed
• 3%: % actually being tagged for Big Data Value (will grow to 33% by 2020)
• 0.5%: % of the Digital Universe that actually is being tagged and analyzed

¹Source: IDC The Digital Universe in 2020, December 2012

Technology challenge: Legacy techniques have fallen short.

• Stale technologies
• Talent shortage
• IT frustration
• Lack of insight

86% of corporations cannot deliver the right information, at the right time to support enterprise outcomes all of the time³

³Source: Coleman Parkes Survey Nov 2012

HAVEn – the #1 Big Data platform

• Hadoop / HDFS
• Autonomy IDOL
• Vertica
• Enterprise Security
• n Apps

[Diagram labels: Scale, Source, Speed, Secure; Powering HP Software + your apps]

Data sources: Transactional, Social media, Video, Audio, Email, Texts, Mobile data, Documents, IT/OT, Search engine, Images

hp.com/haven

Proactive Protection - Security Analytics

Turning events & logs into actionable intelligence

• Powered by HP HAVEn
  Harness the power of ArcSight SIEM and Vertica Analytics
• Reduce false positives
• Minimize impact of security breach
• Transform security from defense to proactive protection

[Diagram labels: Business, Security, Weather, Threat feeds, Logs, Org structure, TX data; App1, App2, App 3; Vertica; ArcSight ESM; Intelligence: Events + context + analytics]

ArcSight Security Alert

Spikes in logins: Johnp

Invoke Vertica with event context

Right click Integration command

[Figure: two charts, "Login by Site" and "Login by Role"; vertical axis 0 to 10000, horizontal axis 1 to 21]

Proactive Protection - Security Analytics

Detecting Information Leakage

• Powered by HP HAVEn
  Harness the power of ArcSight SIEM and Autonomy IDOL
• Distill meaning and make decisions based on it, not just match keywords or tags
• "Judge" events based on their context

Sample Use Case: Detecting Information Leakage

[Diagram: numbered flow between IDOL and ESM]

1. Data access (file, email)
2. Event sent to ESM
3. Query sent to IDOL
4. Context sent to ESM
5. Rules fired

Sample Use Case: Information at Risk

[Diagram: numbered flow between IDOL and ESM]

1. Attack target
2. Events sent to ESM
3. Query sent to IDOL
4. Context sent to ESM
5. See next slide

Sample Use Case: Data under Attack (cont'd)

[Diagram labels: Information Store; Information @ Risk; Information Store: Patents]

Sample Use Case: Threat Monitoring through Sentiment Analysis

• Intelligence has a long history of providing pivotal information to decision-makers
• Monitoring the spiraling amount of user-generated content on the internet (social media) and analyzing it for sentiment

hp.com/haven

[Diagram labels: HAVEn; Develop, Operate, Monetize, Secure, Govern]