Taking Control of Your Security Mission

This year has brought on one of the most significant technological transformations in history: a massive, global shift to the cloud, almost overnight.

A global pandemic forced the world to accelerate its embrace of multicloud and hybrid cloud environments, just so we can all use the tools and apps now necessary to work together or serve essential daily needs from a distance. 

But the sheer speed of this transformation means companies and organizations are at risk of falling behind in security coverage. While cloud is a critical enabler of transformation, security teams continue to be challenged with juggling a high volume of disparate and siloed security tools in their ecosystems.

Now security teams are being stretched thinner than before. They’ve been forced to shift priorities overnight to manage and secure a substantially larger remote workforce. Some companies, like AT&T, reported a 700% spike in VPN traffic in just the first few weeks of the global shutdown.

And while we are all busy racing to the cloud a little faster than we may have had planned, a host of new threat actors are taking advantage of the situation and exploiting security loopholes created by the speed of the acceleration.

Enter Splunk

The good news is that the Splunk Security Operations Suite is easier than trying to manage cloud security in siloed approaches, across literally hundreds of services, and it will help you transform your security strategy and get ahead of key threats in the cloud. 

This week at our annual user conference, .conf20, we will unveil even more ways for security teams to lead in the Data Age. We are introducing new updates to Splunk Mission Control — a cloud-based, unified security operations platform — to help security teams unify and modernize security operations. 

Mission Control brings together security data, analytics and operations that make it easier for security teams to manage security incidents across the entire security event lifecycle. 

Security analysts can use Mission Control to detect, investigate, contain and remediate threats from one common work surface. Mission Control also integrates Splunk’s security information and event management (SIEM) solution, Splunk’s security orchestration, automation and response (SOAR) solution, and other existing security tools into an accelerated experience. Together, these tools make security operations faster, more efficient and more effective.

Mission Control connects with numerous  third-party technologies, via the Splunk Mission Control Plug-In Framework, just announced this week. This framework accelerates the value users get by combining their Splunk and non-Splunk security tools, such as endpoint security, network security, cloud security posture and threat intelligence technologies. When integrated into Mission Control, these technologies provide unified visibility and control across the entire security ecosystem from a common, cloud-native work surface. 

And while we are excited about Mission Control, this week we will also unveil the newest version of Splunk Enterprise Security (ES). Our industry-defining SIEM solution will dramatically improve the productivity of security analysts with native Risk-Based Alerting (RBA) to transform threat investigation and response. This is a powerful capability that will help security teams refine the fidelity and priority of notable events.

This latest version of Splunk ES will also help incident responders address their most critical threats first, both in the cloud and on-premises. Splunk’s security analytics portfolio goes further by helping customers visualize and protect their cloud data and scale security operations in the cloud, no matter where they are on their journey or how quickly they are traveling.

Enterprises need automation to scale their capability and respond at machine speed. At .conf20, we will share how the latest version of Splunk Phantom, our award-winning SOAR solution, makes security automation faster and easier than ever. 

Phantom now delivers over 50,000 sustained automation events per hour. Custom Functions in Phantom will empower security teams by making playbook creation and execution faster and easier, with little to no coding required. Enterprises can apply a single custom code block across multiple playbooks, enabling faster and easier scaling of automation across a wide array of security use cases.

Join our community of security professionals at .conf20, whether it is to capture the flag at the biggest Boss of the SOC to date, or to see numerous examples and inspiring stories of success with Splunk from customers and peers. We’re excited to navigate this journey together with you. 

Ready to learn more about how Splunk can help secure your cloud journey? Join us and more than 20,000 Splunk customers and partners online at .conf20 live. We will offer updates across our security portfolio and deep dive demos. We will also show how the Data-to-Everything Platform can help unlock the power your organization needs to be ready for the Data Age

Follow all the conversations coming out of #splunkconf20!

Albert Biketi

Posted by