Use an Analytics Driven SIEM for Targeted Attack Detection
It's no longer a question whether an organization will be breached - it's a matter of when. According to Gartner, organizations are failing at early breach detection, with fewer than 20% of breaches detected internally.* The time to detect a compromise can takes days, or even months.
Join this webinar to hear representatives from Splunk and Gartner discuss the strategic role of SIEM as a centralized solution and why organizations need to move from prevention-only solutions to detection, response and remediation.
In this session, Gartner research analyst Kelly Kavanagh will address:
- Challenges facing organizations when it comes to advanced threats
- The resources and technologies needed
- Best practices on how organizations can leverage SIEM and lean-forward technologies like user and entity behavior analytics
*Gartner; Use SIEM for Targeted Attack Detection; by Kelly Kavanagh, Toby Bussa and Oliver Rochford; June 30, 2016. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.
Splunk Website Terms & Conditions of Use
"Subsidiaries" means direct or indirect subsidiaries, of Splunk Inc.
Following are Subsidiaries of Splunk Inc. as of January 31, 2017:
Splunk Cayman Holding Ltd.
Splunk Information Technology (Shanghai) Co., Ltd.
Splunk Ireland Limited
Splunk Serviços do Brasil Ltda.
Splunk Services Australia Pty. Ltd.
Splunk Services Belgium BVBA
Splunk Services Canada Inc.
Splunk Services Cayman Ltd.
Splunk Services France SAS
Splunk Services FZ-LLC
Splunk Services Germany GmbH
Splunk Services Hong Kong Ltd
Splunk Services India Private Limited
Splunk Services Japan GK
Splunk Services Korea
Splunk Services LLC
Splunk Services Netherlands B.V.
Splunk Services New Zealand Limited
Splunk Services Singapore Pte Ltd
Splunk Services Sweden AB
Splunk Services UK Limited
Splunk Services Germany GmbH sucursal en España
Splunk Services Germany GmbH, Munich, Zurich Branch
Splunk Services Hong Kong Limited, Australia Branch
Splunk Services Hong Kong Limited, Taiwan Branch
Splunk Services LLC, Mexico Branch
Splunk Services UK Limited, Italy Branch
Splunk Technology Consulting (Beijing) Co., Ltd.
Effective Date: September 29, 2016
- Use Splunk’s websites or software applications (“apps”)
- Provide or update account information
- Register or attend Splunk-hosted or sponsored events (such as promotional events, webcasts, contests or hackathons)
- Order or use Splunk products, services or other offerings
- Communicate or interact with Splunk on-line or off-line, including for service of Splunk products or services installed on your premises or in the cloud
We refer collectively to these interactions as the “Services”. We explain below how we collect and use the Information you provide and the data created when you use the Services.
What We Collect and How You “Opt-Out”
Data From You or Others. While we (or third-parties acting on our behalf) may collect your Information, including Personal Information, when providing the Services, we also collect it in a variety of other ways, such as through public databases, joint marketing partners, social media platforms, conference hosts, event companies, and other third-parties. If you log in to our Services using your social media login credentials (e.g., Google+), we may receive Information, including Personal Information, as determined by the practices of the applicable social media platform.
Data From the Services (Usage and Analytics Data). We also collect and process usage data when you use our Services (e.g., ingest volume, search concurrency, number of unique user logins, apps loaded, operating system, internet protocol address, source type (count), session duration and other use data) (“Usage Data”) in order to provide, maintain, and improve our Services. (In some products, you may have the option of configuring the administrator settings to opt-out of providing this information automatically.)
In addition, we collect and process anonymized, aggregated data about a group or category of Services, features or users in order to improve the Services (“Analytics Data”). For example, Analytics Data may include anonymized Usage Data, information about the server environment (e.g., OS type/version, CPU type/version, database type/version, disk utilization), information about the devices operating the Services (e.g., browser type/version, OS type/version, device type/version), or such other similar information about user configuration or operation of Service features or functionality.
On devices that enable location-based services, we may receive location information (determined by GPS or other signals), if you consent. (We may use this information to provide personalized location-based services and content. You can restrict our access to your device’s location by adjusting the location-based service preferences on your device.)
How We Use Your Information
Splunk may use Information for various purposes, such as to:
- Fulfill your orders or respond to requests you make (e.g., for marketing materials from our website)
- Provide, improve and develop the Services, including account changes, billing and payments, customer or support services, or software updates
- Issue Splunk accounts for access to online communities
- Send administrative information, like product announcements or changes to contract terms or policies
- Send marketing communications, like educational materials or information about special offers or upcoming online or offline events, such as SplunkLive
- Invite you to participate in various promotional activities, contests, webcasts, sweepstakes, hackathons, usability studies, campaigns, surveys and product tests, and to assess their effectiveness
- Personalize your experience by focusing on, and presenting Services and offers tailored to, your interests
- Associate your mobile device with an identifier for your device. (By downloading the mobile device app, you consent to our usage.)
- Diagnose and fix technical issues and monitor the security of our environments
How We Use Analytics Data
We use Analytics Data extensively to help us better understand how our Services are being used, make improvements to them, and develop new features, products and services. For example, we may use this data to:
- Better understand how our users configure and use our Services
- Determine which configurations or practices optimize performance (e.g., best practices)
- Benchmark key performance indictors (“KPIs”)
- Perform data analysis and audits
- Identify, understand and anticipate performance issues and the environmental factors that affect them
- Other such business purposes relating to the operation, improvement, or development of our Services
How Splunk Shares Your Information
Splunk may disclose Information to third parties in the following ways:
- Affiliates. We may disclose Information to our affiliates subject to these obligations. Splunk Inc. is the party responsible for the management of jointly-used Personal Information.
- Service Providers. We may disclose Information to our third-party service providers, vendors, or others who provide services for Splunk’s business operations. This may include such things as infrastructure, data analysis, order fulfillment, IT services, customer service, professional services or audit services, among others.
- Partners and Resellers. We may disclose Information to third-parties, including our strategic partners and resellers to permit them to assess your interest in the Services, conduct user research and surveys, or send you marketing communications, subject to the terms of their privacy policies.
- Compliance and Safety. We may disclose Information as necessary or appropriate under applicable laws (including laws outside your country of residence) to: comply with legal process or requirements, including applicable notification obligations; respond to requests from public and government authorities (including public and government authorities outside your country of residence); enforce our terms and conditions; and protect our operations or those of any of our affiliates and our rights, privacy, safety, or property, and/or that of our affiliates, you or others.
- Merger, Sale, Etc. We may disclose Information in the event of a proposed or actual reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of Splunk business, assets or stock (including in connection with any bankruptcy or similar proceedings).
- Other Users. We may disclose Information to other users of the Service in aggregated format, provided it does not include Personal Information. This may include “best practices” tips, KPIs, benchmark data or other such aggregated information useful to the user community.
How We Secure Your Information
Splunk takes reasonable administrative, technical and physical measures to safeguard Personal Information against loss, theft, and unauthorized access, disclosure, alteration, misuse, or destruction. Unfortunately, no data transmission, software, or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please notify us immediately in accordance with the “Contact Splunk” section below. If Splunk learns of a breach of its systems, Splunk may notify you or others consistent with applicable law and as agreed. By using the Services or providing Personal Information to Splunk, you agree that Splunk may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Services and the Information.
How You Can Access and Correct Your Information
We give you choices regarding your access, and our use and disclosure, of your Personal Information for marketing purposes. If you would like to review, correct, or update your Personal Information contact us at: marketingops@Splunk.com. Be sure to indicate in your request what Information you would like to have changed. We will try to comply with your request(s) as soon as reasonably practicable, consistent with applicable law. Note, in some cases we may charge an administrative fee to process marketing access requests.
If you no longer want to receive marketing-related emails from Splunk on a go-forward basis, you may also contact us at the marketing email address above and request that your Personal Information be removed from marketing-related emails.
Splunk Also Observes the Following Practices
Use of Services by Minors. The Services are not directed to individuals under the age of thirteen (13) or those not of the age of majority in your jurisdiction, and we request that these individuals do not provide Personal Information through the Services.
Cross-Border Transfers. Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using any of our Services, you consent to the transfer of Information to countries outside of your country of residence, including to the United States, which may have different data protection rules than in your country. It is your responsibility to ensure that the Information you provide to us can be legally transferred to the United States or another country.
EU-U.S. Privacy Shield. As indicated in Splunk’s Privacy Shield Notice (found here), Splunk has certified to the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce.
Sensitive Information. You agree to not send us or disclose any sensitive Personal Information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background, or trade union membership) or any protected health information as defined by the Health Insurance Portability and Accountability Act of 1996 (otherwise known as “HIPAA”) Standards for Privacy of Individually Identifiable Health Information, as amended, unless otherwise provided in your written agreements with Splunk.
Splunk contractually requires third-party app developers to comply with applicable privacy and data protection laws. If third-party app developers collect and transmit information about users of their apps, Splunk contractually requires the developers to provide app users with notice of the collection and use of such data, and to obtain consent from app users before modifying the information, disclosing the information to other entities, or using the information for purposes other than to provide the services offered by the apps. Splunk cannot guarantee that third-party app developers will comply with those requirements. When choosing to use apps, add-ons or other third-party extensions, you are entering into a license agreement with those third-parties. You should familiarize yourself with the privacy policies of the organizations or individuals providing you with software that runs in or with your Splunk product.
Office of the General Counsel
250 Brannan Street
San Francisco, CA 94107
Please note that email communications are not always secure, so please do not include credit card information or other sensitive information in your emails to us.
Links to Other Policies: