Building a Cyber Security Program
- Maximillian Fields
- 10 years ago
Transcription
1 Copyright 2015 Splunk Inc. Building a Cyber Security Program With Splunk App for Enterprise Security Jeff Campbell CISSP+ISSAP, Splunk Certified Architect Cyber Security Splunk Architect Penn State Hershey Medical Center
2 Disclaimer During the course of this presentation, we may make forward-looking statements regarding future events or the expected performance of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward-looking statements, please review our filings with the SEC. The forward-looking statements made in this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, this presentation may not contain current or accurate information. We do not assume any obligation to update any forward-looking statements we may make. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionality described or to include any such feature or functionality in a future release.
3 Jeff Campbell
4 Focus shift towards Cyber More people w/specialization New tech More data!
7 Dedicated Search Head 16 CPU cores Indexers 1 per 100 GB indexed 16 GB RAM review the online docs.splunk.com Documentation > Splunk App for Enterprise Security > Installation and Configuration Manual > Splunk Enterprise deployment planning
10 Identity Data: Active Directory, Exchange, Identity Management. Asset Data: Asset & Inventory Management, Configuration Management, Data Center Management System
11 Common Information Model, Network Sessions: _time, host, source, sourcetype, user_priority, user_category, user_bunit, user, vendor_product, src_bunit, response_time, dest_ip, dest_bunit, dest_category, dest_dns, signature, dest_mac, dest_nt_host, dest_priority, src_category, src_dns, src_ip, tag, src_mac, src_nt_host, src_priority, duration, action
12 Common Information Model: Alerts tag=alert; Application State (tag=listening tag=port) OR (tag=process tag=report) OR (tag=service tag=report); Interprocess Messaging tag= tag=messaging; JVM tag=jvm; Vulnerabilities tag=vulnerability tag=report; Certificates tag=certificate; Change Analysis tag=change; Network Sessions tag=network tag=session; Intrusion Detection tag=ids tag=attack; Network Traffic tag=network tag=communicate; Ticket Management tag=ticketing; Performance tag=performance; Database tag=database; Network Resolution (DNS) tag=network tag=resolution tag=dns; Inventory tag=inventory; Web tag=web; Malware tag=malware tag=attack; Updates tag=update tag=status; Authentication tag=authentication NOT (action=success user=*$)
13 tag=network tag=communicate lines later
15 use the datamodelinfo command for at-a-glance view of acceleration status
18 $SPLUNK_HOME/etc/log.cfg
##log.cfg
category.savedsplunker = DEBUG,scheduler
19 splunk> (index=* OR index=_*) (tag=network tag=communicate)
21 add more indexers for better performance splunk> (index=* OR index=_*) (tag=network tag=communicate)
22 Splunk packages CIM-compliant technology add-ons with Enterprise Security: Splunk_TA_bro Splunk_TA_cisco-asa Splunk_TA_cisco-esa Splunk_TA_cisco-wsa Splunk_TA_flowfix Splunk_TA_mcafee Splunk_TA_nessus Splunk_TA_nix Splunk_TA_norse Splunk_TA_sophos Splunk_TA_windows TA-airdefense TA-alcatel TA-bluecoat TA-cef TA-fireeye TA-fortinet TA-ftp TA-juniper TA-ncircle TA-nmap TA-oracle TA-ossec TA-paloalto TA-rsa TA-sav TA-sep TA-snort TA-sos TA-tippingpoint TA-trendmicro TA-websense 2: enable relevant TAs one-by-one to ensure CIM-compliant extractions
24 $SPLUNK_HOME/etc/apps/Splunk_SA_CIM/local/datamodels.conf
##datamodels.conf
[Authentication]
acceleration = true
acceleration.manual_rebuilds = true
#configure to limit backfill during initial build
# - only effective when rebuild initiated
acceleration.backfill_time = -7d
CIM datamodels in Splunk for Enterprise Security do not automatically rebuild
limit backfill range for faster production readiness
26 scale out for better performance
27 *nix Splunk Add-on for Unix and Linux
data models search across all indexes
consider modifying eventtypes (tags) with additional constraints
$SPLUNK_HOME/etc/apps/Splunk_TA_nix/local/eventtypes.conf
##eventtypes.conf
[iptables_firewall_accept]
#search = (NOT sourcetype=stash) signature=firewall action=pass OR action=permit
search = index=os (NOT sourcetype=stash) signature=firewall action=pass OR action=permit
#tags = os unix host firewall communicate success
line wrapping for readability only
>300% increase in data model acceleration performance after adding index constraints in select TAs
36 run time: 12:31 run time: 0:21 run time: 0:16 Dear Splunk, please stop using datamodel to search in your drilldowns Love, your users run time: 0:07
38
- Prepare infrastructure: may need more hardware than you think
- Think through your authoritative user and asset inventories
- Be selective in your TAs and apps on the ES search head
- Consider adding constraints to the TA eventtypes
- Take advantage of the acceleration you worked so hard for
- Where possible, use tstats with summariesonly=t
39 Questions?
40 THANK YOU
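Added example (not from the presentation or from Splunk): a small Python check for the slide 27 recommendation. It layers a TA's local/eventtypes.conf over default/ and lists the eventtypes whose effective search still has no index constraint. The conf text is a constructed sample based on the slide 27 stanza; the `example_firewall_drop` stanza and all function names are hypothetical.

```python
import re

# Constructed sample: default/ holds the TA's shipped stanza, local/ holds the
# index-constrained override from slide 27. example_firewall_drop is hypothetical.
DEFAULT_CONF = """\
[iptables_firewall_accept]
search = (NOT sourcetype=stash) signature=firewall action=pass OR action=permit
#tags = os unix host firewall communicate success

[example_firewall_drop]
search = (NOT sourcetype=stash) signature=firewall \\
    action=drop OR action=deny
"""

LOCAL_CONF = """\
[iptables_firewall_accept]
#search = (NOT sourcetype=stash) signature=firewall action=pass OR action=permit
search = index=os (NOT sourcetype=stash) signature=firewall action=pass OR action=permit
"""

# Matches index=<value> but not fields such as dest_index=<value>.
INDEX_TERM = re.compile(r'(?<![\w.])index\s*=\s*"?([^\s")]+)', re.IGNORECASE)


def parse_conf(text):
    """Parse Splunk .conf text into {stanza: {key: value}}."""
    stanzas, current, pending = {}, None, ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):  # trailing backslash continues on the next line
            pending = line[:-1].rstrip() + " "
            continue
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = stanzas.setdefault(line[1:-1], {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip()
    return stanzas


def effective_eventtypes(default_text, local_text):
    """Layer local/ over default/: settings in local win, key by key."""
    merged = parse_conf(default_text)
    for name, settings in parse_conf(local_text).items():
        merged.setdefault(name, {}).update(settings)
    return merged


def has_index_constraint(search):
    """True if the search names an index and none of them is a bare wildcard."""
    values = INDEX_TERM.findall(search)
    return bool(values) and all(v not in ("*", "_*") for v in values)


def unconstrained_eventtypes(eventtypes):
    """Return sorted stanza names whose search runs across all indexes."""
    return sorted(
        name for name, settings in eventtypes.items()
        if "search" in settings and not has_index_constraint(settings["search"])
    )


if __name__ == "__main__":
    merged = effective_eventtypes(DEFAULT_CONF, LOCAL_CONF)
    for name in unconstrained_eventtypes(merged):
        print(f"{name}: no index constraint -> {merged[name]['search']}")
```
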
