“We can generate ad-hoc reports to track any transaction or user activity QSA auditors want to see and easily show we are PCI compliant in minutes. I’ve decreed Splunk will be a part of all data center build-outs going forward.”
Suky Bal
Director of IT
“Before Splunk we couldn’t prove compliance, we couldn’t consolidate all the data, and queries took 4-5 days to run. Splunk can index everything and return results and reports in seconds. Now we’re passing every audit.”
Asif Effendi
Manager for Compliance and Governance
“We chose Splunk for PCI compliance for its ability to collate and report on any form of log file or data stream. It gives us highly granular logging information and turns any data into a concise management report.”
Peter D. Bassill, CISSP
Group Information Security Officer

Security and Compliance

Provide Situational Awareness and Affordable Compliance

Today's IT infrastructures are becoming increasingly difficult to defend, with a mix of external attacks, malicious insiders and application-level vulnerabilities taking center stage. Monitoring a small subset of IT infrastructure data, long the norm, is no longer enough to ensure a strong security posture. Data from across the entire IT infrastructure has become security-relevant. To provide defense-in-depth, security teams must have insight into what's happening within their virtual and non-virtual infrastructure: applications, networks, operations and even custom applications.

To add to the data challenge, security teams have to deal with an overwhelming number of false alarms and attacks that are difficult to detect. Responding to alarms remains a highly manual, slow and tedious process: dozens of consoles for the many silos of network devices and security systems. Even SIEMs, the self-proclaimed nirvana for enterprise security, lack the critical information needed for incident response and investigations. All of this while the clock is ticking.

At the same time, compliance mandates such as PCI, SOX, HIPAA and FISMA require businesses to protect, track, and control access to and usage of sensitive information. Each requirement has its own set of complicated, costly, and time-consuming demands. Addressing these strains IT resources and creates redundant processes and expenditures within an organization.

Splunk solves these challenges in one place. By turning all of an organization's IT data into security-relevant information, Splunk radically cuts incident investigation times by searching all security-relevant data in seconds, for all types of security risks including complex fraud and insider threat issues. Monitor all security-relevant data to maintain situational awareness. Satisfy the requirements of multiple mandates in the same system, such as PCI, SOX and FISMA. Meet specific requirements to securely collect and retain audit trails, and perform file integrity monitoring. Streamline log monitoring and analysis by using and analyzing all your logs securely from one central location – not just security, network and host logs, but also all the application logs.
