Author Archive

Tesserent and Claroty Partner to Secure OT Environments in ANZ

MELBOURNE – 25th May 2021 – Tesserent, Australia’s largest ASX-listed cybersecurity company (ASX:TNT), has today announced a non-exclusive reseller partnership with Claroty, the industrial cybersecurity company, strengthening security in utilities, critical national infrastructure and manufacturing environments.

The partnership will help Tesserent deliver strong cyber resilience by protecting customers’ critical systems from cyber threats and downtime, while also improving overall productivity with safer connections and deeper insights into industrial assets.

Mr. Kurt Hansen, Co-CEO of Tesserent, said the Claroty capability will be delivered by Tesserent’s cyber analytics practice, Rivium, which presently provides extensive security monitoring and threat intelligence capability using Splunk.

“We are delighted to add Claroty to Rivium’s portfolio, deepening our capabilities in the OT sector and providing enhanced opportunities for both new and existing customers in Australia and New Zealand. Claroty provides the leading industrial cybersecurity platform driving visibility, continuity and resiliency in the industrial economy. Additionally, Claroty’s seamless integration with Splunk enables our team of consultants to broaden their capabilities with this new toolset,” he says.

The Claroty Platform reveals 100% of operational technology (OT), Internet of Things (IoT), and industrial IoT (IIoT) assets on enterprise networks and protects them from vulnerabilities, emerging threats, malicious insiders, and unintentional errors. Its resilient threat detection model continually monitors the network for both known and unknown threats, automatically weeds out false positives, and gives clear direction on how to take action. This is all enriched by Claroty’s extensive ecosystem of third-party technical integrations, as well as the latest threat signatures and remediation guidance from the renowned Claroty Research Team.

“Powered by its Continuous Threat Detection (CTD) and Secure Remote Access (SRA) solutions, the Claroty Platform further enhances our strong portfolio by providing a full range of industrial cybersecurity controls that connect seamlessly with customers’ existing infrastructure. These technologies will enable Tesserent and Rivium to broaden our OT and Smart Cities cybersecurity services and provide world-class security monitoring and threat detection services,” says Mr. Hansen

Commenting on the announcement, Mr. Nick Nindra, Head of Channels and Alliances, APJ at Claroty, says, “The industrial economy requires a strong ecosystem of partners in order to secure, detect, and manage assets in critical infrastructure environments. We are delighted to partner with Tesserent, Australia’s largest ASX-listed cybersecurity company, who will be pivotal to our success in bringing our strong capabilities in OT visibility, threat detection, risk and vulnerability management, and secure remote access to Australian and New Zealand customers.

“Tesserent’s Rivium team are experts in cyber analytics, machine generated data analysis and threat intelligence. Working together we will protect our mutual customers from attacks on their industrial environments and deliver effective, high-value solutions and services that address their industrial cybersecurity needs,” he says.

Tesserent’s security analytics practice, Rivium has developed extensive capabilities in security monitoring and threat detection with Splunk Enterprise Security (SIEM), Splunk User Behaviour Analytics (UBA) and Splunk Phantom (SOAR).

The integration between Claroty and Splunk extracts OT baselines, events, and alerts identified by Claroty CTD and populates them within Splunk Enterprise Security (ES). This approach will help customers gain unified visibility across an organisation’s entire IT and OT portfolio, and manage alerts from a single viewpoint within Splunk ES and extend existing SOC workflows and capabilities into OT.

Rivium’s current success with Splunk has been driven by a team of highly skilled consultants who hold certifications and accreditations to the highest level of capability with Splunk. These credentials are enhanced by the team having more than seven years’ experience in deploying these solutions across Australia and New Zealand.

ABOUT TESSERENT

Our mission is to be the sovereign cybersecurity provider of choice for the protection of Australia and New Zealand’s digital assets. Tesserent provides full service, enterprise-grade Cyber Security and networking solutions targeted at mid-market, enterprise and government customers across Australia.

The Company’s Cyber 360 strategy delivers integrated solutions covering identification, protection and 24/7 monitoring against Cyber Security threats. With in-excess of 300 people committed to helping our client with better cyber resilience, Tesserent has the capability to support organisations to defend their digital assets against increasing risks and cyber-attacks.

Tesserent has been transformed via the acquisition of several high-quality Cyber Security businesses including Pure Security, Rivium, north Security, Seer Security, airloom, Ludus Security, iQ3, Lateral Security, and Secure Logic making it Australia’s largest listed dedicated cybersecurity firm (ASX:TNT). Learn more at www.tesserent.com

ABOUT CLAROTY

Claroty is the industrial cybersecurity company. Trusted by the world’s largest enterprises, Claroty helps customers reveal, protect, and manage their OT, IoT, and IIoT assets. The company’s comprehensive platform connects seamlessly with customers’ existing infrastructure and programs while providing a full range of industrial cybersecurity controls for visibility, threat detection, risk and vulnerability management, and secure remote access—all with a significantly reduced total cost of ownership. Claroty is backed and adopted by leading industrial automation vendors, with an expansive partner ecosystem and award-winning research team. The company is headquartered in New York City and has a presence in Europe, Asia-Pacific, and Latin America, and deployments on all seven continents.

To learn more, visit www.claroty.com.

MEDIA INQUIRIES

For more information, or to arrange an interview with Tesserent, Rivium and Claroty, please contact Media-Wize’s Kathryn Van Kuyk on 0414 726 958 or kathryn@media-wize.com

.conf20 Is Coming In Less Than One Week!

.conf20 is less than one week away; and whether you’re a first time attendee or this is your 11th .conf event, Splunk is excited to share the product vision, sessions, activations and fun. To ensure you have all the details you need to make the most of .conf20 learning and networking opportunities, here are some tips:

Come as You Are

This isn’t how .conf20 was initially supposed to go, but fortunately, we are able to come together this year for the .conf20 through a digital platform.

Review the Global Agenda

As .conf20 is not only a virtual program this year, it’s set as a global one as well. Splunk’ll be coming to YOUR local time zone, so please pay attention to the published days and times. All registrations allow access to all regions — so choose the sessions that best meet your personal calendar needs. Please note that sessions will be available on-demand after their AMER scheduled time.

Join Rivium for .conf20!

So what are you waiting for? Come and join the Rivium team in .conf20 – register here, free of charge! If you’ve already registered, you can view the agenda here.

.conf20 Is Coming To You October 20-21, 2020

Have you secured your virtual spot yet for .conf20? With so many opportunities to connect, learn and get empowered, .conf20 will be the best place to help you and your customers thrive in the Data Age.

Grab your comfiest hoodie and prepare to rock the Data Age. Registration is now open and we can’t wait to see you virtually October 20-21 (21-22 EMEA & APAC) for what is expected to be the biggest .conf yet! Splunk has so many exciting opportunities for you to connect, learn and get empowered to do amazing things with data at .conf20; join us online to hear experts share their insights and gain the knowledge and tools they need to turn their data into action.

Register today and create your personalised agenda with over 200 educational sessions to choose from absolutely free of charge!

 

End of Support for Splunk Enterprise 7.1 Extended to June 30

As businesses adapt to the challenging circumstances presented by the COVID-19 pandemic, Splunk is committed to helping our customers succeed. During these unprecedented times, Splunk has decided to extend the end of support timeline for Splunk Enterprise 7.1 to June 30, 2020. This was originally scheduled for 30 April 2020.

This change gives customers a little more time to consider their options and upgrade to newer versions of the software. When making your decisions on which version to upgrade to, it’s worth knowing the end of support for other versions, which are detailed below.

  • Splunk Enterprise Version 7.1 – June 30 2020
  • Splunk Enterprise Version 7.2 – Oct 2 2020
  • Splunk Enterprise Version 7.3 – June 4 2021
  • Splunk Enterprise Version 8.0 – Oct 22 2021

As a reminder, after a version reaches its End of Support milestone, customers using that version will no longer have access to any Splunk technical assistance, product fixes or product maintenance in connection with their product entitlements, regardless of whether they have an active Support Subscription.

For further details on the Splunk Support Policy see:
https://www.splunk.com/en_us/legal/splunk-software-support-policy.html

Rivium can provide our customers the support and professional services they need to upgrade to the latest releases.  

Upgrading also opens up opportunities for customers and users to capitalise on the newest innovations in the product.

If you prefer to upgrade your environments yourself, you might find the following resources useful:

uberAgent releases special licensing arrangements for schools and universities

MELBOURNE – April 17, 2020 – Rivium Pty Ltd, a Splunk Partner and uberAgent Partner is excited to be able to offer new uberAgent licensing arrangements to schools and universities following the recent announcement made by uberAgent this week.

Under the new arrangements, institutions like schools and universities can license uberAgent based on the number of full-time employees. The license granted includes the right to use the license for the customers active students as an extra benefit.

Mr Robert Silver, Rivium CEO said, “This is a great benefit for these institutions because in the past it’s been cost prohibitive for them to roll out uberAgent to monitor student devices, which in some cases can be in excess of 80,000 students.”

“We are looking forward to working with these institutions to help them gain better visibility to improve user experience, performance, security and troubleshooting.  Under the current remote schooling arrangements, uberAgent can improve the student’s user experience through faster time to resolution of issues.”, Mr Silver said.

uberAgent is a monitoring and analytics product designed for end-user computing that doesn’t just collect data—it gives customers the information that matters. uberAgent has its own metrics, covering key aspects of user experience, application performance, and endpoint security, telling you everything you need to know about your physical PCs, virtual desktops, Citrix XenApp/XenDesktop or Windows Virtual Desktop VMs without affecting your systems’ user density. uberAgent simplifies troubleshooting, helps with sizing, and provides rich information vital for information security.

ABOUT RIVIUM

Rivium Pty Ltd, based in Melbourne Australia, is a wholly owned subsidiary of Tesserent Limited (ASX:TNT), Australia’s largest ASX listed cybersecurity company.  Rivium is a highly respected Splunk & uberAgent Partner and Consulting organisation with a strong focus on implementing and managing Splunk cybersecurity products and services.

Tesserent provides full service, enterprise-grade cybersecurity and networking solutions in Australia, and internationally in the UK and Korea.  The company’s Cyber 360 strategy delivers integrated solutions covering identification, protection and monitoring against cybersecurity threats.  The Tesserent group of companies includes Rivium, Pure Security and North Consulting.

www.rivium.com.au
www.tesserent.com
www.pure.security
www.northbdt.com.au

ABOUT UBERAGENT

vast limits, the uberAgent company, provides visibility in Windows Virtual Desktop deployments. It creates software for enterprise IT because it knows how IT professionals think and which tools they need. Its products help IT pros be more efficient by giving them exactly what they need to get their jobs done; no more, no less.

uberagent.com

MEDIA ENQUIRIES

Robert Silver
Chief Executive
Rivium Pty Ltd
+61 410 600 960
robert.silver@rivium.com.au

Rivium signs exclusive partnership with Spamhaus Technology

MELBOURNE – April 7, 2020 — Rivium Pty Ltd, a highly respected cybersecurity focused, Australian-based Elite Splunk Partner has signed an exclusive 2-year deal with Spamhaus Technology to distribute the Spamhaus threat intelligence data services to Australian customers. Under the agreement, Rivium is now the exclusive reseller for Spamhaus threat data services products in the Australian marketplace. Australian Spamhaus clients are now able to access local expertise and services to fully realise the capabilities of Spamhaus.

Mr Robert Silver, Rivium CEO said “We are extremely excited about this partnership as it allows us to extend our reach as a big data specialist in the cybersecurity marketplace by leveraging the Spamhaus threat intelligence portfolio to better protect our Australian customers.”

“Adding Spamhaus to our already robust security monitoring capabilities including Splunk Enterprise Security and Splunk User Behaviour Analytics, is a natural fit to more effectively combat cybercrime using the most timely, comprehensive and accurate information.” Mr Silver said.

Spamhaus is world renowned for its comprehensive and effective threat intelligence data sets. It is a trusted organisation which collaborates with an ever increasing global network of companies, including ISPs, hosting companies and law enforcement agencies, who share anonymised, secure information about threats and malicious activity they have experienced. The depth and breadth of intelligence, combined with the research team’s expertise, makes Spamhaus’ threat intelligence second to none.

Commenting on this exclusive partnership, Simon Forster, Spamhaus CEO said “We’re thrilled to be partnering with Rivium. Their considerable experience within the security sector will enable Australian-based customers to further enhance their security capabilities.”

ABOUT RIVIUM

Rivium Pty Ltd, based in Melbourne Australia, is a wholly owned subsidiary of Tesserent Limited (ASX:TNT), Australia’s largest ASX listed cybersecurity company.  Rivium is a highly respected Elite Splunk Partner and Consulting organisation with a strong focus on implementing and managing Splunk cybersecurity products and services.

Tesserent provides full service, enterprise-grade cybersecurity and networking solutions in Australia, and internationally in the UK and Korea.  The company’s Cyber 360 strategy delivers integrated solutions covering identification, protection and monitoring against cybersecurity threats.  The Tesserent group of companies includes Rivium, Pure Security and North Consulting.

www.rivium.com.au
www.tesserent.com
www.pure.security
www.northbdt.com.au

ABOUT SPAMHAUS TECHNOLOGY

Spamhaus is the trusted authority on threat intelligence, uniquely placed in the industry because of their strong ethics, impartiality and quality of actionable data.  This data not only protects, but also provides insight across networks and email worldwide.

With over two decades of experience their datasets are used by a wide range of industries including leading global technology companies, enterprise business and internet service providers.  Currently their IP and domain datasets protect over 3 billion mailboxes globally.

www.spamhaustech.com

MEDIA ENQUIRIES

Robert Silver
Chief Executive
Rivium Pty Ltd
+61 410 600 960
robert.silver@rivium.com.au

New York-Presbyterian and Splunk to Implement New Approach to Guard Against Misuse of Controlled Substances, Including Opioids Misuse

Splunk Helps One of the Nation’s Leading Hospital Systems Fight Prescription Fraud

SAN FRANCISCO – February 6, 2019 – Splunk Inc. (NASDAQ: SPLK), delivering actions and outcomes from the world of data, and NewYork-Presbyterian, one of the nation’s most comprehensive academic healthcare delivery systems, are collaborating to help solve one of the toughest challenges in healthcare. NewYork-Presbyterian and Splunk are working together to develop new data analytics tools that prevent the potential diversion of controlled substances, including opioids.

“At a time when overdose deaths are at crisis levels across the country and in New York City, largely due to the opioid epidemic, healthcare providers have a responsibility to safeguard against any potential diversion of drugs,” said Jennings Aske, senior vice president and chief information security officer at NewYork-Presbyterian. “NewYork-Presbyterian is taking a leading role in protecting the public by implementing highly effective controls to avoid the illegitimate use of controlled substances. Ultimately, we hope that other hospitals benefit from this new platform as well.”

NewYork-Presbyterian approached Splunk to develop the controlled substance monitoring platform, while also enhancing patient privacy, because of its products’ unique ability to synthesize big data analytics with a massive volume and a variety of data from hundreds of clinical applications, systems and data sources. NewYork-Presbyterian, which currently uses Splunk® Enterprise and Splunk Enterprise Security to monitor IT security operations, recognized that the same principles could be used to build a platform to more closely safeguard controlled substances and other medications, and ultimately benefit the greater healthcare community as a public good.

The enhanced Splunk controlled substance monitoring platform, which will be implemented in Q2 of 2019, will enable NewYork-Presbyterian to track data from electronic health records (EHRs), Electronic Prescription of Controlled Substances (EPCS) platforms, pharmacy dispensing systems and other sources, delivering insights to guard against the diversion of these medications. With the enhanced system, NewYork-Presbyterian will be able to see if drugs are being diverted for potentially illegitimate purposes. For example, the Splunk platform will immediately alert NewYork-Presbyterian if a physician were to prescribe a controlled substance to a patient not currently in the care of the hospital, or if a pharmacy technician were to use an automated dispensary cabinet more often than his or her peers. In addition, the platform will be used to safeguard against the diversion of other high-cost medications, such as certain anti-cancer drugs that can be priced at tens of thousands of dollars per month.

NewYork-Presbyterian and Splunk also are developing an enhanced data analytics tool to expand proactive security measures to protect patient privacy and investigate unauthorized access to electronic patient records from internal and external sources. NewYork-Presbyterian currently has an established and robust set of policies, protocols and system controls to protect patient information. The enhanced Splunk privacy platform will add even more safeguards, including the ability to issue alerts in real time if someone were to inappropriately view patient records. The platform has a user-friendly dashboard so the hospital’s privacy officers can easily and quickly conduct an investigation.

“Splunk is excited to work with NewYork-Presbyterian as it leads the way in helping to fight the opioid crisis with data analytics,” said Haiyan Song, senior vice president and general manager of security markets at Splunk. “In addition, we are thrilled to work with the hospital system to help it identify and respond swiftly to potential misuse of patient data. Ultimately, this will enhance NewYork-Presbyterian’s capabilities to protect their patients and provide the best possible care.”

“We are pleased to collaborate with Splunk so that NewYork-Presbyterian is among the most secure hospital systems in the nation,” Aske said. “In addition to delivering the highest quality care, we are committed to keeping our patient information private and secure. NewYork-Presbyterian is at the forefront of using advanced technology to protect our patients and provide innovative, compassionate care.”

Sandia National Laboratories Tracks Hackers and Reverses the Cost of Cyber Crime with Data-Driven Cyber Defense Platform

Supported by Splunk, The HADES Program Captures, Monitors and Analyzes Threats by Taking Action on Data

SAN FRANCISCO – February 20, 2019 – Splunk Inc. (NASDAQ: SPLK), delivering actions and outcomes from the world of data, and Sandia National Laboratories, a national security lab of the U.S. Department of Energy’s National Nuclear Security Administration (NNSA), are changing the dynamics of cyber warfare by automating threat detection and response. In this case, the Sandia detective work is done in conjunction with the underlying support structure provided by Splunk.

Sandia has launched the High-Fidelity Adaptive Deception & Emulation System (HADES) program, which routes detected threats into a virtual environment designed to emulate real-life networks. HADES enables security analysts to profile adversary movements and automate responses at machine speed, ultimately allowing Sandia to anticipate adversary tactics, better protect networks and save time and money.

As a federally-funded, multi-mission U.S. National Nuclear Security Administration research and development lab, Sandia develops, engineers and tests the non-nuclear components of nuclear weapons, making it a high-value target for cyber adversaries. HADES diverts adversaries with continuously changing targets while offering defenders an undetectable view of attacker movements. Splunk® Enterprise software takes quick action on their data by identifying and analyzing criminal behavior to activate countermeasures with confidence.

“The combined power of HADES using the Splunk Enterprise system enables analysts to run real-time cyber operations that protect our operational networks, while gaining information about the adversaries attempting to penetrate programs,” said Vincent Urias, Distinguished Member of the Technical Staff at Sandia National Laboratories. “As they move about, attackers leave breadcrumbs revealing their steps and the tactics, techniques and procedures that are valuable to prevent future attacks. This one-of-a-kind program can be a model for federal agencies who are struggling to attack and respond to cyber threats at machine speed.”

HADES maps relationships between all relevant parts of an IT ecosystem. With high-precision timestamps, Sandia can sift through data from any source to understand what adversaries are doing, then funnel that intelligence to defenders in real, operational networks. As a result, HADES can deceive, interact with and analyze adversaries in real-time.

“Sending adversaries on the cyber equivalent of a wild goose chase forces bad actors to waste money, time and resources, making cybercriminals incur sunk costs similar to those traditionally experienced only by the defender,” said Frank Dimina, vice president of public sector at Splunk. “Splunk is proud to work with dozens of federal and civilian agencies such as Sandia to tackle their toughest IT, security and IoT challenges head on with data.”

To date, HADES has used Splunk to help Sandia close the threat intelligence gap, as the information gained from HADES is already being redeployed to bolster national security and protection of federal networks.

HADES has garnered acclaim for its highly impactful and important work. Most recently, it was recognized with a Government Innovation Award alongside other celebrated public sector IT disruptors, innovators and emerging leaders.

For more information on how Sandia is using the Splunk platform to redefine real-time cyber defense strategies, visit the Splunk website.

Zeppelin Reduces Factory Engine Failures with Predictive IoT Maintenance from Splunk

Spark Plug Data Used to Keep Machinery Online with Splunk and Machine Learning

GARCHING NEAR MUNICH and SAN FRANCISCO – January 22, 2019 – Splunk Inc. (NASDAQ: SPLK), delivering actions and outcomes from the world of data, today announced that Zeppelin GmbH, is using Splunk Enterprise to reduce the risk of factory shutdowns and predict machinery and equipment maintenance. To learn more about Zeppelin GmbH and Splunk watch the video or read the full case study.

Zeppelin provides solutions in the following areas: construction machinery, mining machinery, agricultural machinery, rental machinery, construction logistics, construction site management, drive, propulsion, traction and energy, engineering, and plant engineering. It also develops new digital business models for the construction sector. The Zeppelin Group has 190 sites in 35 countries and generated a sales volume of 2.75 billion euros in the 2017 financial year; more than 8,000 employees (including trainees) contributed to this success.

Zeppelin uses the Splunk platform to analyze the performance of every single spark plug in its combined heat and power (CHP) plants. Algorithms built with Splunk Machine Learning Toolkit identify possible machinery faults ahead of time and provide a warning to avoid a potential shutdown. Zeppelin is also using Splunk Enterprise to ensure it has a centralized overview of all the machine data from its 25,000 Caterpillar machines loaned out to customers, providing better visibility back to the business on areas like usage levels.

“Equipment outages are incredibly costly on manufacturing floors and out in the field. Zeppelin’s Service Center uses the Splunk platform to predict issues ahead of time so we can preemptively send service technicians to maintain our customers’ equipment and machines before a fault occurs,” said Rene Ahlgrim, Data Scientist at Zeppelin. “Splunk Enterprise has generated immediate business value for Zeppelin and our customers. We have increased the uptime and lifecycle of our equipment, made our customers happier, and reduced costs that impact our bottom line.”

In addition to predictive maintenance, Zeppelin extended its Splunk license to absorb more data from its VMware, Nutanix and SAP systems. The team are creating patterns in the data they index in Splunk, building baselines for KPI’s such as CPU and memory and by looking in the log files, Zeppelin can detect any anomalies in the data. The Splunk platform has optimized application and operating system performance across the entire group.

“The Internet of Things holds great promise, but it’s not valuable if you can’t optimize it to secure the insights you need to maintain a competitive edge. Data can create outcomes that are a strategic edge to any business – helping to predict plant failures, foreshadow equipment problems and create new opportunities,” said Richard Timperlake, vice president of EMEA, Splunk. “Zeppelin’s investment in data analytics and machine learning with Splunk is creating big returns for the company and its customers. After all, nobody wants the piece of equipment they have rented to break down and Zeppelin’s use of data to ensure that doesn’t occur is an example of digital transformation at its best.”

For more information on Splunk Enterprise, Splunk for Industrial IoT and the Splunk Machine Learning Toolkit, visit the Splunk website.

Splunk Drives Machine Learning Forward

BMW and Splunk Collaborate to Sponsor “Hackathon Beirut 2018”

MUNICH and SAN FRANCISCO – December 17, 2018 – Splunk Inc. (NASDAQ: SPLK), delivering actions and outcomes from the world of data, and BMW Group are putting machine learning into action by co-sponsoring Hackathon Beirut 2018.

The event takes place today (Monday December 17) at Antonine University in Lebanon and will see teams from seven different Lebanese universities compete to solve an “AI in Logistics” use case, using machine data provided by BMW Group and analyzed with Splunk® Enterprise and the Splunk Machine Learning Toolkit. Shortlisted teams will have the opportunity to pitch their idea to a panel of experts during the Smart Beirut Summit held on Tuesday, December 18 at Antonine University.

“BMW is a longtime Splunk customer and a leading example of utilizing machine data to its fullest to drive innovation,” said Richard Timperlake, vice president of EMEA, Splunk. “Collaborating with BMW to support the Hackathon Beirut 2018 is a great way to illustrate the potential of machine data and we look forward to seeing what the teams involved can do with the machine learning capabilities of the Splunk platform.”

For more information on how Splunk can help harness the power of machine learning, visit the Splunk website.