Adaptive Response: A Level Deeper for Continued Customer Success

Over the past three or four years, we’ve been hearing more and more about analytics-driven security at RSA. Years ago, when Splunk first introduced the concept to the marketplace, we were living in a world where security practitioners were still focusing on prevention, rather than detection. Since then, advanced cyber adversaries have forced security analysts to change the way they think about posture. Security analysts no longer buy into the idea that there is a silver bullet for security, and vendors acknowledge that security is a team sport. With this shift in mindset comes a change in strategy, where end-to-end context and cross-vendor analytics are emphasized to better detect and respond to threats in real time. Detection is now king.

To truly gain end-to-end context, a multi-vendor approach with analytics at the center of the security operations center (SOC) is needed. That’s why we launched the Adaptive Response Initiative at the 2016 RSA Conference. The Adaptive Response Initiative is a best-of-breed security collective specifically designed to combat advanced attacks through a unified defense. By leveraging Splunk’s Adaptive Response framework, our customers and partners gain insights into all relevant data, helping security analysts discover new ways to gain end-to-end context and improve security posture.

Today, we are pleased to announce that five new members have joined the Adaptive Response Initiative: AlgoSec, Demisto, RedSeal, Resolve Systems and Symantec (Advanced Threat Protection), who integrate security policy management, incident response and endpoint security capabilities into the Adaptive Response framework. We welcome these partners and look forward to working with them as we arm security analysts with the tools needed to coordinate an automated response and keep ahead of the bad guys.

Want to learn more about Splunk, Adaptive Response, or the 20+ other members of the initiative? Join us at RSA Conference 2017, where we’ll be offering demos in the Splunk booth (North Expo #3421) all week.


Posted by

Monzy Merza

Monzy Merza serves as the head of security research at Splunk. With over 15 years of cybersecurity leadership in government and commercial organizations, Monzy is responsible for helping advise and implement strategic security programs for Splunk’s cybersecurity customers, working hand-in-hand with executives across the Fortune 500 to develop modern security architectures. Monzy is also responsible for leading the Splunk Cyber Research team, which arms Splunk customers with actionable threat intelligence to combat advanced threats. A noted international speaker, Monzy frequently presents at government and industry events on topics such as nation state threat defense and machine learning. His current security research is focused on integrated approaches to human-driven and automated responses to targeted cyberattacks.
