There are two kinds of threats to organizations: The known threats detected by your security infrastructure, and the unknown threats, which only emerge as abnormal patterns in system data. How can security leaders protect themselves from both types of threats?
Register for this session to learn more about big data technology that scales and provides new analytic capabilities. These insights will teach you:
How to defend against currently unknown threats to your organization
Why today's threats require you to monitor large data sets for abnormal patterns
How big data analytics can be used for adaptive monitoring
Why the traditional security tool set is not sufficient for defending against unknown threats
The traditional role of the security professional has been supported by systems that provide pre-built rules and out-of-the-box technology.
But the nature of today's threats is different.
Known threats are detected by the security infrastructure. They are reported to us by signature- and rule-based systems such as anti-virus, IDS/IPS, firewalls and security information and event management (SIEM) systems.
Unknown threats are seen as abnormal patterns in 'normal' IT data. Normal IT data is the result of human-to-machine and machine-to-machine interactions and activities. Our normal activities include badging into the building, getting an IP address from a DHCP server, using DNS, using a VPN and accessing enterprise applications and company information. It is within these normal activities that attackers want to hide their own.
Splunk's powerful big-data analytics engine can accept IT risk scenario-style thinking and support a security intelligence approach to discovering unknown threats while monitoring for known threats. By placing large amounts of normal machine-to-machine and human-to-machine generated data into Splunk and applying analytics, users can separate normal behaviors from ones that may be malicious. These scenarios may be based on the time a user activity occurred, how often a user accesses a system containing important data assets, the location from which the activity was initiated, or any combination of conditions.
Attend this session to learn more about big data solutions and how they can help your organization more effectively battle your known and unknown threats.
Senior Director of Security and Compliance Solutions, Splunk
Seward is currently the Senior Director of Security and Compliance Solutions Marketing at Splunk. He has over 10 years of experience in the IT security management profession as a security practitioner and product manager with experience in log management and vulnerability management. Seward has a Master of Sciences in IT and a Federal CIO certification from the University of Maryland.