Archive for December, 2018

Splunk Drives Machine Learning Forward

BMW and Splunk Collaborate to Sponsor “Hackathon Beirut 2018”

MUNICH and SAN FRANCISCO – December 17, 2018 – Splunk Inc. (NASDAQ: SPLK), delivering actions and outcomes from the world of data, and BMW Group are putting machine learning into action by co-sponsoring Hackathon Beirut 2018.

The event takes place today (Monday December 17) at Antonine University in Lebanon and will see teams from seven different Lebanese universities compete to solve an “AI in Logistics” use case, using machine data provided by BMW Group and analyzed with Splunk® Enterprise and the Splunk Machine Learning Toolkit. Shortlisted teams will have the opportunity to pitch their idea to a panel of experts during the Smart Beirut Summit held on Tuesday, December 18 at Antonine University.

“BMW is a longtime Splunk customer and a leading example of utilizing machine data to its fullest to drive innovation,” said Richard Timperlake, vice president of EMEA, Splunk. “Collaborating with BMW to support the Hackathon Beirut 2018 is a great way to illustrate the potential of machine data and we look forward to seeing what the teams involved can do with the machine learning capabilities of the Splunk platform.”

For more information on how Splunk can help harness the power of machine learning, visit the Splunk website.

UCAS Secures Student Data in the Cloud With Splunk’s Help

University Admissions Service Streamlines Security Incident Response Process

SAN FRANCISCO and LONDON – December 11, 2018 – Splunk Inc. (NASDAQ: SPLK), delivering actions and outcomes from the world of data, today announced that UCAS, the Universities and Colleges Admissions Service, a charity and the UK’s shared admissions service for higher education, is using Splunk® Enterprise Security (ES) and Splunk Cloud to monitor, detect and act on security threats. UCAS is now automating significant parts of its digital infrastructure and security operations, allowing the IT team to focus on mitigating future threats and opportunities. To learn more about how UCAS is utilizing machine data for security, read the full case study or listen to the webinar.

UCAS manages almost three million applications from around 700,000 students to over 380 universities and colleges each year, culminating each August with exam results days. UCAS operates in an agile, cloud-first way and required a security solution that would provide visibility into security events across the organization and cloud applications they use. Deploying Splunk ES at the heart of its security operations centre (SOC) gives UCAS an analytics-driven approach to security, maximizing coverage but minimizing potential security threats through automation. The ability to investigate incidents and answer key questions at machine speed will support the notification requirements from multiple compliance mandates such as the General Data Protection Regulation (GDPR) and the Network and Information Systems (NIS) Directive for operators of critical national services. This provides assurance to stakeholders that key security protocols such as access controls around personal data are being implemented and used correctly across the organization.

“Students, universities and colleges trust us with their data, whether it be exam results or personal contact details, and it is our responsibility to work with leading technology companies like Splunk to safeguard it,” said Neil Bell, security assurance manager, UCAS. “Our decision to use Splunk ES and Splunk Cloud means that we are no longer firefighting day-to-day security issues and can now look to the horizon and prepare for future threats. This ensures that we are not only able to protect the existing generation of student data we hold, but we are also prepared to protect future generations as well.”

In addition to using Splunk ES and Splunk Cloud to support security at UCAS, the organization utilizes the Splunk App for Amazon Web Services (AWS) to monitor its AWS infrastructure. This helps to ensure the correct AWS configuration and optimized billing of the AWS account, which is key during the exam results period when the UCAS website receives thousands of hits per second and the infrastructure scales dramatically.

“Forward-thinking organizations recognize that the best way to protect valuable data is by harnessing the power of security analytics using data they already have,” said Richard Timperlake, vice president of EMEA, Splunk. “Leveraging the Splunk portfolio to build a security nerve center, organizations like UCAS can create a security environment that is both robust and efficient.”

For more information on Splunk ES and Splunk Cloud visit the Splunk website.

Splunk Named a Leader for the Sixth Consecutive Year in Gartner’s 2018 Magic Quadrant for Security Information and Event Management

Splunk Positioned Highest Overall for Ability to Execute for Security Information and Event Management

SAN FRANCISCO – December 6, 2018 – Splunk Inc. (NASDAQ: SPLK), delivering actions and outcomes from the world of data, today announced it has been named a Leader in Gartner’s 2018 Magic Quadrant for Security Information and Event Management for the sixth straight year. Splunk was also positioned highest overall on the ability to execute axis, which we feel is a testament to Splunk’s position at the heart of the Security Operations Center (SOC). For the report, Gartner evaluated Splunk’s security offerings, including Splunk® Enterprise, Splunk Enterprise Security (ES), Splunk User Behavior Analytics (UBA) and Splunk Phantom®. For a complimentary copy of the Gartner 2018 Magic Quadrant for Security Information and Event Management, visit the Splunk website.

According to Gartner’s 2018 report, the security information and event management (SIEM) market is defined by the “customer’s need to analyze event data in real time for early detection of targeted attacks and data breaches, and to collect, store, investigate and report on log data for incident response, forensics and regulatory compliance.” Splunk significantly expanded its security portfolio offerings this year, adding machine learning capabilities and security automation, orchestration and response (SOAR) technology via its acquisition of Phantom.

“The effective use of threat intelligence, behavior profiling and analytics can improve detection success. SIEM vendors continue to increase their native support for behavior analysis capabilities as well as integrations with third-party technologies, and Gartner customers are increasingly expressing interest in developing use cases based on behavior,” wrote Gartner report authors Kelly Kavanagh, Senior Principal Analyst, Toby Bussa, VP Analyst and Gorka Sadowski, Senior Director Analyst.

“Splunk introduced the concept of analytics-driven security to the market, which has helped thousands of organizations get insights and take action on their data. Today, customers around the world are using a powerful combination of Splunk security solutions to help them detect, investigate and act on security threats faster than ever before,” said Haiyan Song, senior vice president and general manager, security markets, Splunk. “We believe Gartner’s continued recognition demonstrates Splunk’s vision of building a security nerve center that empowers our customers to act on threats rapidly with data analytics, and then remediate at machine speed while leveraging security orchestration, automation and response.”

The security skills gap is growing – recent estimates state that the industry will be short two million security professionals by next year. With that, security teams are struggling to keep up with an accelerated volume of threats and alerts that are constantly barraging their networks. As more and more customers turn to Security Operations as the center of gravity within the SOC, organizations are demanding solutions that can leverage data to automate and orchestrate threat response. Splunk unveiled its latest suite of security solutions at .conf18, the annual Splunk users conference last month, including:

– Splunk Enterprise Security 5.2, Splunk’s flagship security platform, which acts as the ‘security nerve center’ within the SOC so customers can use their data to continuously monitor, detect and respond to risk

– Splunk User Behavior Analytics 4.2, powered by machine learning, which helps customers detect anomalous behavior and known and unknown threats from inside or outside of their networks

– Splunk Phantom 4.1, the newest addition to Splunk’s security portfolio, which allows customers to automate and orchestrate a response on their security data to dramatically scale their security operations.