Securing the Force at AWS re:Inforce

Wow! What a whirlwind these past couple of weeks have been. I migrated out east to the great city of Boston for some fresh lobster and to support my team at AWS re:Inforce. The Splunk team was everywhere during the event—we shared security integration demos at our booth, announced our Splunk Phantom and Splunk Enterprise integrations with AWS Security Hub and presented Capture the Flag challenges.

Below are some of my favorite highlights (or at least the ones I can count on my two hands).

Splunk Phantom and Splunk Enterprise Integration with Security Hub

We announced our new integration with AWS Security Hub! Splunk Enterprise and Splunk Phantom integrations with the AWS Security Hub are designed to help you further accelerate detection, investigation and response to potential threats within your AWS security environment. Splunk offerings can also leverage Amazon CloudWatch Events to provide you with data directly from AWS Security Hub. From there, you can monitor and identify potential threats across AWS Security products like Amazon GuardDuty, Amazon Inspector, and Amazon Macie directly in the Splunk platform. Additionally, the Splunk Enterprise integration automatically gathers findings from AWS Security Hub and places them into the Splunk Enterprise platform.

With the Splunk Phantom App for AWS Security Hub, findings are sent to Phantom for automated context enrichment with additional threat intelligence information or to perform automated response actions. By adding broader context to findings, your security team can make better, more well-informed decisions faster, and then execute a remediation course of action at machine speed.

Capture the Flag

Splunk and AWS users came, saw, and conquered at the re:Inforce Capture the Flag event. Splunk was proud to sponsor this event which offered attendees the opportunity to experience security through gamification of real-world security challenges. Our Splunk security specialist and Phantom product teams integrated a number of challenges into the larger competition, allowing participants to showcase their knowledge of security, Splunk, and AWS. If you’re interested in more hands-on challenges, check out our upcoming Boss of the SOC event at .conf19.

Featuring our Leaders

I’m almost out of breath typing all of the awesome activities we had at AWS re:Inforce. If you want a quick recap of our presence and learn about other developments Splunk has for the security marketing, check out theCube’s interview with Haiyan Song, SVP & GM of Security Markets, and Oliver Friedrichs, VP Security Products.

This was the inaugural AWS re:Inforce and we’re excited to see what the future holds for AWS and Splunk in the security realm. Looking forward to seeing everyone at future Splunk and AWS events!