Cyber Security Institute

Thursday, February 09, 2012

Splunk Launches Splunk App for Enterprise Security 2.0

Splunk today announced the general availability of its Enterprise Security Intelligence Solution, consisting of the Splunk App for Enterprise Security 2.0 and Splunk® Enterprise™ 4.3, the company’s flagship software for collecting, indexing and harnessing machine data.

New features include:
- Real-time Event Correlation: Searches and alerts drive continuous monitoring of critical assets using dashboards and communications to members of the security team
- Dashboards: Visualizations of security data support more than 100 security metrics and over 160 reports
- Drill-down and drill-across: In a single click, users can access raw data quickly for analysis and pivot across the raw data-types to follow an investigation wherever it leads
- Federated Identity Monitoring: Correlation of multiple user identities to identify and investigate user activities across the IT infrastructure
- Enhanced incident management: The ability to reprioritize, reassign and journal security events for quick resolution and incident response
- Operationalization of findings: Once a forensic investigation is complete, users can click the “save” button to continuously monitor and alert for the same condition.

Posted on 02/09