{"id":1620,"date":"2013-04-30T00:00:00","date_gmt":"2013-04-30T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2013\/04\/30\/splunk-adds-statistical-analysis-to-enterprise-security-app\/"},"modified":"2021-12-30T11:39:42","modified_gmt":"2021-12-30T11:39:42","slug":"splunk-adds-statistical-analysis-to-enterprise-security-app","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2013\/04\/30\/splunk-adds-statistical-analysis-to-enterprise-security-app\/","title":{"rendered":"Splunk Adds Statistical Analysis to Enterprise Security App"},"content":{"rendered":"<p>Analysis of machine-generated data can play an important role in a sophisticated layered defense for your data and systems, but getting there can be challenging even with advanced intelligence platforms. Splunk&#8211; provider of an engine that collects, indexes and analyzes massive volumes of machine-generated data&#8211;is out to change that with today&#8217;s release of version 2.4 of the Splunk App for Enterprise Security, which makes the statistical analysis tools, dashboards and visualizations available out of the box. &#8220;Statistical analysis is the new weapon of the security warrior defending against threats that bypass traditional security detection systems,&#8221; says Mark Seward, senior director of security and compliance at Splunk.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;Companies now understand that hidden in the terabytes of user-generated machine data are abnormal patterns of activity that represent the presence of malware or the behavior of malicious insiders,&#8221; Seward adds. 
&#8220;The new Splunk App for Enterprise Security enables statistical analysis of HTTP traffic to help security professionals determine a baseline for what&#8217;s normal, quickly detect outliers and use those events as starting points for security analysis and investigation.&#8221;<\/p>\n<p style=\"margin: 0px;\">The new version of Splunk App for Enterprise Security automates monitoring and correlation of these outliers and anomalies in real time and presents the resulting analysis via dashboards and alerts.<\/p>\n<p style=\"margin: 0px; min-height: 14px;\"><\/p>\n<p style=\"margin: 0px;\">&#8220;As long as you&#8217;re capturing proxy data, for example, all of that data will automatically go into the Splunk App for Enterprise Security and all of those statistical outliers will be there and available to you.&#8221;<\/p>\n<p style=\"margin: 0px; min-height: 14px;\"><\/p>\n<p style=\"margin: 0px;\">&#8220;Finding advanced threats is hard,&#8221; adds Jim Krev, Sr., security manager of Fieldglass, a provider of vendor management system (VMS) technology that two years ago replaced its legacy Security Information and Event Management (SIEM) tool with Splunk Enterprise and the Splunk App for Enterprise Security.<\/p>\n<p style=\"margin: 0px; min-height: 14px;\"><\/p>\n<p style=\"margin: 0px;\">&#8220;What Splunk has done with the Enterprise Security 2.4 release is make it easier to find and visualize unusual characteristics of data using statistics,&#8221; Krev says.<\/p>\n<p style=\"margin: 0px;\"><\/p>\n<p style=\"margin: 0px;\">Link: <a 
href=\"http:\/\/www.csoonline.com\/article\/732635\/splunk-adds-statistical-analysis-to-enterprise-security-app?source=rss_data_protection\">http:\/\/www.csoonline.com\/article\/732635\/splunk-adds-statistical-analysis-to-enterprise-security-app?source=rss_data_protection<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-1620","post","type-post","status-publish","format-standard","hentry","category-product"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1620","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1620"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1620\/revisions"}],"predecessor-version":[{"id":4107,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1620\/revisions\/4107"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1620"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1620"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1620"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","template
d":true}]}}