 
	
  
Mining Security Data

Security Surveillance and the case for data reuse
  
National Australia Bank
• Financial services organisation with over 40,000 employees
• Operating more than 1,800 branches and service centres
• Responsible to more than 460,000 shareholders
• Major financial services franchises in Australia, New Zealand, Asia, the United Kingdom and the United States
• Committed to providing quality products and services, fair fees and charges, and relationships built on the principles of help, guidance and advice
  
Introducing Jamie
• Security Program Manager, Information Security Services
• Senior Manager, nabCERT SOC
   • National Australia Bank’s Computer Emergency Response Team
   • Won SC Magazine Award for Organizational Excellence in Information Security
• 12+ years in technology
• Held various roles at NAB:
   • Info Security team leader
   • Architecture and strategy
   • Project management
   • Consulting
  
Five Areas of Interest
• What’s the user doing?
• What’s happening on the network?
• What’s the machine doing?
• What’s happening to the data?
• What’s the app doing?
  
Defining (some of) the Issues the SOC Faced
• Need to improve incident response times
• Require greater visibility into security events
• Achieve contextualized / enriched alerting
• Correlate across systems
• Deal with different log formats
• Add new or modified log formats
• Avoid custom code (10 different security analysts)
• Limit to resource availability for manual (bespoke) investigations
  
Why Splunk? ROI for nabCERT
• Stood up Splunk quickly
• Onboard and integrate data once—easily
   • No need to re-import when applications or formats change
• Keeps the team in the business of security analysis and out of the business of building parsers and connectors
• Proven to be effective and efficient

“Splunk gave us the speed of deployment and results we were looking for.”
  
Case Study One
• Primary objective: Significantly reduce the time to complete electronic searches of email archives to meet legal requests
   • Email logs easily searchable, by user, subject, timeframe
– Effective? Yes
   • Ability to perform searches based on subject, sender, recipient, date / time
   • Results used by the team to finalise acquisition of all pertinent material
– Efficient? Yes
   • No more grep
   • Search times reduced to minutes vs. hours or days (per investigator)
   • Concurrent searching of datasets by the investigative team
  
You’re Mining For Gold In Your Data…
[Figure: Au]

If You Are Going To That Much Trouble
[Figure: Ag, Pb, Fe, Cu, Ni]

Who Are Our Data Consumers?
• Business Partners
• Application Support
• Fraud Team
• Infrastructure Performance Management
• Network
• Service Delivery Managers
• Security
  
Case Study Two: DHCP Logs

Security
• Detecting unauthorized devices
   • Monitor based on standard naming convention + Active Directory credentials
   • Add MAC address lookup to confirm a "good" device

Service Delivery Operations
• Ensuring optimum connectivity / productivity
• Alerts for insufficient IP/subnet coverage across the network
• Alerts when subnets are full
• Visibility into underutilized subnets
• Triggers action for Network team to reallocate/reassign Subnet

Our approach is to maximise the utility from every log source collected and indexed, not just for security
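
Added example, not part of the original slides and not NAB's implementation: the two uses of one DHCP log described above, written in Python. The log layout, the `WS-` naming pattern, the directory and MAC inventories, the pool sizes and the alert thresholds are all assumptions constructed for illustration.

```python
import ipaddress
import re

# Constructed sample log; assumed layout: time,event,ip,hostname,mac
SAMPLE_LOG = """\
2012-10-01T08:01:00,ASSIGN,10.1.1.2,WS-000123,02:00:00:00:00:01
2012-10-01T08:02:00,ASSIGN,10.1.1.3,WS-000124,02:00:00:00:00:02
2012-10-01T08:03:00,ASSIGN,10.1.1.4,johns-laptop,02:00:00:00:00:aa
2012-10-01T08:04:00,ASSIGN,10.1.1.5,WS-000999,02:00:00:00:00:bb
2012-10-01T08:05:00,ASSIGN,10.1.2.10,WS-000125,02:00:00:00:00:03
2012-10-01T08:30:00,RELEASE,10.1.2.10,WS-000125,02:00:00:00:00:03
2012-10-01T08:31:00,ASSIGN,10.1.2.11,WS-000126,02:00:00:00:00:cc
truncated line without enough fields
"""

# Hypothetical reference data a SOC would load from its own sources.
NAME_RE = re.compile(r"^WS-\d{6}$")                   # assumed naming convention
DIRECTORY = {"WS-000123", "WS-000124", "WS-000125", "WS-000126"}  # directory export
KNOWN_MACS = {"02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:03"}
POOLS = {"10.1.1.0/29": 4, "10.1.2.0/24": 200}        # leasable addresses per subnet


def parse_events(text):
    """Return well-formed events in log order; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        parts = [p.strip() for p in line.split(",")]
        if len(parts) != 5 or parts[1] not in ("ASSIGN", "RELEASE"):
            continue
        try:
            ip = ipaddress.ip_address(parts[2])
        except ValueError:
            continue
        events.append({"time": parts[0], "event": parts[1], "ip": ip,
                       "host": parts[3], "mac": parts[4].lower()})
    return events


def unauthorized_devices(events, name_re, directory, known_macs):
    """Security view: map MAC -> (hostname, reasons) for every suspect lease."""
    findings = {}
    for ev in events:
        if ev["event"] != "ASSIGN":
            continue
        reasons = []
        if not name_re.match(ev["host"]):
            reasons.append("naming-convention")
        if ev["host"].upper() not in directory:
            reasons.append("not-in-directory")
        if ev["mac"] not in known_macs:
            # A valid-looking name with an unknown MAC is still not a "good" device.
            reasons.append("unknown-mac")
        if reasons:
            findings[ev["mac"]] = (ev["host"], reasons)
    return findings


def subnet_utilisation(events, pools, full_at=0.95, under_at=0.10):
    """Service view: map subnet -> (active leases, pool size, status)."""
    active = {}  # ip -> mac, replayed in log order
    for ev in events:
        if ev["event"] == "ASSIGN":
            active[ev["ip"]] = ev["mac"]
        else:
            active.pop(ev["ip"], None)
    report = {}
    for cidr, size in pools.items():
        net = ipaddress.ip_network(cidr)
        used = sum(1 for ip in active if ip in net)
        ratio = used / size
        if ratio >= full_at:
            status = "full"
        elif ratio <= under_at:
            status = "underutilized"
        else:
            status = "ok"
        report[cidr] = (used, size, status)
    return report


if __name__ == "__main__":
    evs = parse_events(SAMPLE_LOG)
    for mac, (host, why) in unauthorized_devices(evs, NAME_RE, DIRECTORY, KNOWN_MACS).items():
        print("SECURITY", host, mac, ",".join(why))
    for cidr, (used, size, status) in subnet_utilisation(evs, POOLS).items():
        print("SERVICE ", cidr, f"{used}/{size}", status)
```

The same parsed events feed both functions, which is the reuse the slide argues for: the security team gets its device findings and the network team gets its capacity alerts from a single collection.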
  
DHCP Dashboard—Security View

Use commentary on the dashboard: Cause / Impact / Resolution
  
DHCP Dashboard – Network Service View

Don’t use Average, use Most Common (mode), median and 90% Percentile.
  
Network Service View #2

Users cannot connect to the network, or have delays connecting in hot desk areas.
  
DHCP Dashboard – Infrastructure View

Capacity and availability issues for the team supporting these services, as well as Service Desk.
  
Case Study Three: The After Hours Worker

Who is working late and how often during the week? Are they using the same workstation?
  
Case Study 4: SOC to the Rescue

The ‘gold’ in this case happens to be a log line that resolved a three week issue causing significant disruption to a business unit.
  
Enriched Data Drives Action
• Single log type (DHCP) from 1,000+ DHCP servers
• Security (nabCERT SOC) gets the “gold” it is after
• Networks, Security Operations (Firewalls), Service Management, Infrastructure support, Building services get what is of value to them
• Splunk search language calculations to pinpoint most critical
   – Min, Median, Mode, Max, 90th percentile
• Cross-reference with other data (IP address database)
• Provide the teams with the facts, in context, with an explanation and remedy
  
Democratizing Data (In A Secure Fashion)
• Take a collaborative approach
• Give us your data, we’ll give you more value
• Dashboards for specific teams so they can drill down themselves for problem solving
• Role-based access ensures access only to relevant data
• Look beyond the gold (what you are after)
  
Back to the Case Study One (Legal)

Primary objective: Significantly reduce time to complete electronic searches for legal

• Reuse case 1: Data loss protection supplement
• Reuse case 2: User activity baselining
• Reuse case 3: Validate spam / spoof controls
• Reuse case 4: User Access Revalidation supplement
  
What’s Next?
• More re-use cases from our data
• More application and databases
• Complete key infrastructure collection
• Look for the opportunities
• Take the time to look for the win:win

Think and plan strategically, work tactically
  
Questions?
  
Splunk Company Overview

Company (NASDAQ: SPLK)
• Founded 2004, first software release in 2006
• HQ: San Francisco / Region HQ: London, Hong Kong
• Over 600 employees, based in 10 countries
• Q2 Revenue: $44.5 million; +71% year-over-year

Business Model / Products
• Free download to massive scale
• On-premise, in the cloud and SaaS

4,400+ Customers
• Customers in over 80 countries
• 54 of the Fortune 100
• Largest license: 100 Terabytes per day

See us on the ITXpo Showfloor in booth S2
  

Delivering Operational Intelligence at NAB with Splunk, Gartner Symposium ITXpo 2012

Big Events Cause Network Mayhem
Big Events Cause Network MayhemBig Events Cause Network Mayhem
Big Events Cause Network MayhemPacketTrap Msp
 
Challenges in Practicing High Frequency Releases in Cloud Environments
Challenges in Practicing High Frequency Releases in Cloud Environments Challenges in Practicing High Frequency Releases in Cloud Environments
Challenges in Practicing High Frequency Releases in Cloud Environments Liming Zhu
 
Tiger oracle
Tiger oracleTiger oracle
Tiger oracled0nn9n
 
stackArmor - Security MicroSummit - McAfee
stackArmor - Security MicroSummit - McAfeestackArmor - Security MicroSummit - McAfee
stackArmor - Security MicroSummit - McAfeeGaurav "GP" Pal
 
Cloud Computing And Soa Convergence Linthicum 02 09 10
Cloud Computing And Soa Convergence Linthicum 02 09 10Cloud Computing And Soa Convergence Linthicum 02 09 10
Cloud Computing And Soa Convergence Linthicum 02 09 10David Linthicum
 
Nonfunctional Testing: Examine the Other Side of the Coin
Nonfunctional Testing: Examine the Other Side of the CoinNonfunctional Testing: Examine the Other Side of the Coin
Nonfunctional Testing: Examine the Other Side of the CoinTechWell
 
VMWare Winnipeg Forum - 2011
VMWare Winnipeg Forum - 2011VMWare Winnipeg Forum - 2011
VMWare Winnipeg Forum - 2011asedha
 
The Build vs. Buy Decision for SaaS Delivery
The Build vs. Buy Decision for SaaS DeliveryThe Build vs. Buy Decision for SaaS Delivery
The Build vs. Buy Decision for SaaS DeliveryOpSource
 
Extending The Value Of Oracle Crm On Demand Through Cloud Based Extensibility
Extending The Value Of Oracle Crm On Demand Through Cloud Based ExtensibilityExtending The Value Of Oracle Crm On Demand Through Cloud Based Extensibility
Extending The Value Of Oracle Crm On Demand Through Cloud Based ExtensibilityJerome Leonard
 
Security Challenges in Cloud Integration - Cloud Security Alliance, Austin Ch...
Security Challenges in Cloud Integration - Cloud Security Alliance, Austin Ch...Security Challenges in Cloud Integration - Cloud Security Alliance, Austin Ch...
Security Challenges in Cloud Integration - Cloud Security Alliance, Austin Ch...Glen Roberts, CISSP
 
Troubleshooting: A High-Value Asset For The Service-Provider Discipline
Troubleshooting: A High-Value Asset For The Service-Provider DisciplineTroubleshooting: A High-Value Asset For The Service-Provider Discipline
Troubleshooting: A High-Value Asset For The Service-Provider DisciplineSagi Brody
 
Dr. Michael Valivullah, NASS/USDA - Cloud Computing
Dr. Michael Valivullah, NASS/USDA - Cloud ComputingDr. Michael Valivullah, NASS/USDA - Cloud Computing
Dr. Michael Valivullah, NASS/USDA - Cloud Computingikanow
 
Softchoice Webinar: IBM PureSystems launch
 Softchoice Webinar: IBM PureSystems launch Softchoice Webinar: IBM PureSystems launch
Softchoice Webinar: IBM PureSystems launchSoftchoice Corporation
 
Proactive ops for container orchestration environments
Proactive ops for container orchestration environmentsProactive ops for container orchestration environments
Proactive ops for container orchestration environmentsDocker, Inc.
 
Webinar: Improve Splunk Analytics and Automate Processes with SnapLogic
Webinar: Improve Splunk Analytics and Automate Processes with SnapLogicWebinar: Improve Splunk Analytics and Automate Processes with SnapLogic
Webinar: Improve Splunk Analytics and Automate Processes with SnapLogicSnapLogic
 
Puppet Camp Amsterdam 2015: Keynote
Puppet Camp Amsterdam 2015: KeynotePuppet Camp Amsterdam 2015: Keynote
Puppet Camp Amsterdam 2015: KeynotePuppet
 
Run Book Automation with PlateSpin Orchestrate
Run Book Automation with PlateSpin OrchestrateRun Book Automation with PlateSpin Orchestrate
Run Book Automation with PlateSpin OrchestrateNovell
 
Run Book Automation with PlateSpin Orchestrate
Run Book Automation with PlateSpin OrchestrateRun Book Automation with PlateSpin Orchestrate
Run Book Automation with PlateSpin OrchestrateNovell
 
Run Book Automation with PlateSpin Orchestrate
Run Book Automation with PlateSpin OrchestrateRun Book Automation with PlateSpin Orchestrate
Run Book Automation with PlateSpin OrchestrateNovell
 

Similaire à Delivering Operational Intelligence at NAB with Splunk, Gartner Symposium ITXpo 2012 (20)

Big Events Cause Network Mayhem
Big Events Cause Network MayhemBig Events Cause Network Mayhem
Big Events Cause Network Mayhem
 
Challenges in Practicing High Frequency Releases in Cloud Environments
Challenges in Practicing High Frequency Releases in Cloud Environments Challenges in Practicing High Frequency Releases in Cloud Environments
Challenges in Practicing High Frequency Releases in Cloud Environments
 
Tiger oracle
Tiger oracleTiger oracle
Tiger oracle
 
stackArmor - Security MicroSummit - McAfee
stackArmor - Security MicroSummit - McAfeestackArmor - Security MicroSummit - McAfee
stackArmor - Security MicroSummit - McAfee
 
Cloud Computing And Soa Convergence Linthicum 02 09 10
Cloud Computing And Soa Convergence Linthicum 02 09 10Cloud Computing And Soa Convergence Linthicum 02 09 10
Cloud Computing And Soa Convergence Linthicum 02 09 10
 
Nonfunctional Testing: Examine the Other Side of the Coin
Nonfunctional Testing: Examine the Other Side of the CoinNonfunctional Testing: Examine the Other Side of the Coin
Nonfunctional Testing: Examine the Other Side of the Coin
 
VMWare Winnipeg Forum - 2011
VMWare Winnipeg Forum - 2011VMWare Winnipeg Forum - 2011
VMWare Winnipeg Forum - 2011
 
The Build vs. Buy Decision for SaaS Delivery
The Build vs. Buy Decision for SaaS DeliveryThe Build vs. Buy Decision for SaaS Delivery
The Build vs. Buy Decision for SaaS Delivery
 
Extending The Value Of Oracle Crm On Demand Through Cloud Based Extensibility
Extending The Value Of Oracle Crm On Demand Through Cloud Based ExtensibilityExtending The Value Of Oracle Crm On Demand Through Cloud Based Extensibility
Extending The Value Of Oracle Crm On Demand Through Cloud Based Extensibility
 
Security Challenges in Cloud Integration - Cloud Security Alliance, Austin Ch...
Security Challenges in Cloud Integration - Cloud Security Alliance, Austin Ch...Security Challenges in Cloud Integration - Cloud Security Alliance, Austin Ch...
Security Challenges in Cloud Integration - Cloud Security Alliance, Austin Ch...
 
Troubleshooting: A High-Value Asset For The Service-Provider Discipline
Troubleshooting: A High-Value Asset For The Service-Provider DisciplineTroubleshooting: A High-Value Asset For The Service-Provider Discipline
Troubleshooting: A High-Value Asset For The Service-Provider Discipline
 
Dr. Michael Valivullah, NASS/USDA - Cloud Computing
Dr. Michael Valivullah, NASS/USDA - Cloud ComputingDr. Michael Valivullah, NASS/USDA - Cloud Computing
Dr. Michael Valivullah, NASS/USDA - Cloud Computing
 
Is the Network Tap Mightier Than the Sword
Is the Network Tap Mightier Than the SwordIs the Network Tap Mightier Than the Sword
Is the Network Tap Mightier Than the Sword
 
Softchoice Webinar: IBM PureSystems launch
 Softchoice Webinar: IBM PureSystems launch Softchoice Webinar: IBM PureSystems launch
Softchoice Webinar: IBM PureSystems launch
 
Proactive ops for container orchestration environments
Proactive ops for container orchestration environmentsProactive ops for container orchestration environments
Proactive ops for container orchestration environments
 
Webinar: Improve Splunk Analytics and Automate Processes with SnapLogic
Webinar: Improve Splunk Analytics and Automate Processes with SnapLogicWebinar: Improve Splunk Analytics and Automate Processes with SnapLogic
Webinar: Improve Splunk Analytics and Automate Processes with SnapLogic
 
Puppet Camp Amsterdam 2015: Keynote
Puppet Camp Amsterdam 2015: KeynotePuppet Camp Amsterdam 2015: Keynote
Puppet Camp Amsterdam 2015: Keynote
 
Run Book Automation with PlateSpin Orchestrate
Run Book Automation with PlateSpin OrchestrateRun Book Automation with PlateSpin Orchestrate
Run Book Automation with PlateSpin Orchestrate
 
Run Book Automation with PlateSpin Orchestrate
Run Book Automation with PlateSpin OrchestrateRun Book Automation with PlateSpin Orchestrate
Run Book Automation with PlateSpin Orchestrate
 
Run Book Automation with PlateSpin Orchestrate
Run Book Automation with PlateSpin OrchestrateRun Book Automation with PlateSpin Orchestrate
Run Book Automation with PlateSpin Orchestrate
 

Plus de Splunk

.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routineSplunk
 
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTVSplunk
 
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica).conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica)Splunk
 
.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank InternationalSplunk
 
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett .conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett Splunk
 
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär).conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)Splunk
 
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu....conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...Splunk
 
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever....conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...Splunk
 
.conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex).conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex)Splunk
 
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)Splunk
 
Splunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk
 
Splunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go KölnSplunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go KölnSplunk
 
Splunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk
 
Data foundations building success, at city scale – Imperial College London
 Data foundations building success, at city scale – Imperial College London Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College LondonSplunk
 
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk
 
SOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security WebinarSOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security WebinarSplunk
 
.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session.conf Go 2022 - Observability Session
.conf Go 2022 - Observability SessionSplunk
 
.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - Keynote.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - KeynoteSplunk
 
.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform Session.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform SessionSplunk
 
.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security SessionSplunk
 

Plus de Splunk (20)

.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine
 
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
 
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica).conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
 
.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International
 
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett .conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
 
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär).conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
 
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu....conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
 
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever....conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
 
.conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex).conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex)
 
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
 
Splunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11y
 
Splunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go KölnSplunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go Köln
 
Splunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go Köln
 
Data foundations building success, at city scale – Imperial College London
 Data foundations building success, at city scale – Imperial College London Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College London
 
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
 
SOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security WebinarSOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security Webinar
 
.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session
 
.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - Keynote.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - Keynote
 
.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform Session.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform Session
 
.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session
 

Dernier

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 

Dernier (20)

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 

Delivering Operational Intelligence at NAB with Splunk, Gartner Symposium ITXpo 2012

  • 1. Mining Security Data
      Security Surveillance and the case for data reuse
  • 2. National Australia Bank
      • Financial services organisation with over 40,000 employees
      • Operating more than 1,800 branches and service centres
      • Responsible to more than 460,000 shareholders
      • Major financial services franchises in Australia, New Zealand, Asia, the United Kingdom and the United States
      • Committed to providing quality products and services, fair fees and charges, and relationships built on the principles of help, guidance and advice
  • 3. Introducing Jamie
      • Security Program Manager, Information Security Services
      • Senior Manager, nabCERT SOC
          • National Australia Bank’s Computer Emergency Response Team
          • Won SC Magazine Award for Organizational Excellence in Information Security
      • 12+ years in technology
      • Held various roles at NAB:
          • Info Security team leader
          • Architecture and strategy
          • Project management
          • Consulting
  • 4. Five Areas of Interest
      • What’s the user doing?
      • What’s happening on the network?
      • What’s the machine doing?
      • What’s happening to the data?
      • What’s the app doing?
  • 5. Defining (some of) the Issues the SOC Faced
      • Need to improve incident response times
      • Require greater visibility into security events
      • Achieve contextualized / enriched alerting
      • Correlate across systems
      • Deal with different log formats
      • Add new or modified log formats
      • Avoid custom code (10 different security analysts)
      • Limit to resource availability for manual (bespoke) investigations
  • 6. Why Splunk? ROI for nabCERT
      • Stood up Splunk quickly
      • Onboard and integrate data once—easily
      • No need to re-import when applications or formats change
      • Keeps the team in the business of security analysis and out of the business of building parsers and connectors
      • Proven to be effective and efficient
      “Splunk gave us the speed of deployment and results we were looking for.”
  • 7. Case Study One
      • Primary objective: Significantly reduce the time to complete electronic searches of email archives to meet legal requests
      • Email logs easily searchable, by user, subject, timeframe
          – Effective? Yes
              • Ability to perform searches based on subject, sender, recipient, date / time
              • Results used by the team to finalise acquisition of all pertinent material
          – Efficient? Yes
              • No more grep
              • Search times reduced to minutes vs. hours or days (per investigator)
              • Concurrent searching of datasets by the investigative team
  • 8. You’re Mining For Gold In Your Data…
      Au
  • 9. If You Are Going To That Much Trouble
      Ag Pb Fe Cu Ni
  • 10. Who Are Our Data Consumers?
      Infrastructure Business Application Fraud Team Performance Partners Support Management Service Network Delivery Security Managers
  • 11. Case Study Two: DHCP Logs
      Security
          • Detecting unauthorized devices
          • Monitor based on standard naming convention + Active Directory credentials
          • Add MAC address lookup to confirm a "good" device
      Service Delivery Operations
          • Ensuring optimum connectivity / productivity
          • Alerts for insufficient IP / subnet coverage across the network
          • Alerts when subnets are full
          • Visibility into underutilized subnets
          • Triggers action for Network team to reallocate / reassign Subnet
      Our approach is to maximise the utility from every log source collected and indexed, not just for security
  • 12. DHCP Dashboard—Security View
      Use commentary on the dashboard: Cause / Impact / Resolution
  • 13. DHCP Dashboard – Network Service View
      Don’t use Average, use Most Common (mode), median and 90% Percentile.
  • 14. Network Service View #2
      Users cannot connect to the network, or have delays connecting in hot desk areas.
  • 15. DHCP Dashboard – Infrastructure View
      Capacity and availability issues for the team supporting these services, as well as Service Desk.
  • 16. Case Study Three: The After Hours Worker
      Who is working late and how often during the week? Are they using the same workstation?
  • 17. Case Study 4: SOC to the Rescue
      The ‘gold’ in this case happens to be a log line that resolved a three week issue causing significant disruption to a business unit.
  • 18. Enriched Data Drives Action
      • Single log type (DHCP) from 1,000+ DHCP servers
      • Security (nabCERT SOC) gets the “gold” it is after
      • Networks, Security Operations (Firewalls), Service Management, Infrastructure support, Building services get what is of value to them
      • Splunk search language calculations to pinpoint most critical
          – Min, Median, Mode, Max, 90th percentile
      • Cross-reference with other data (IP address database)
      • Provide the teams with the facts, in context, with an explanation and remedy
  • 19. Democratizing Data (In A Secure Fashion)
      • Take a collaborative approach
      • Give us your data, we’ll give you more value
      • Dashboards for specific teams so they can drill down themselves for problem solving
      • Role-based access ensures access only to relevant data
      • Look beyond the gold (what you are after)
  • 20. Back to the Case Study One (Legal)
      Primary objective: Significantly reduce time to complete electronic searches for legal
      • Reuse case 1: Data loss protection supplement
      • Reuse case 2: User activity baselining
      • Reuse case 3: Validate spam / spoof controls
      • Reuse case 4: User Access Revalidation supplement
  • 21. What’s Next?
      • More re-use cases from our data
      • More application and databases
      • Complete key infrastructure collection
      • Look for the opportunities
      • Take the time to look for the win:win
      Think and plan strategically, work tactically
  • 23. Splunk Company Overview
      Company (NASDAQ: SPLK)
          • Founded 2004, first software release in 2006
          • HQ: San Francisco / Region HQ: London, Hong Kong
          • Over 600 employees, based in 10 countries
          • Q2 Revenue: $44.5 million; +71% year-over-year
      Business Model / Products
          • Free download to massive scale
          • On-premise, in the cloud and SaaS
      4,400+ Customers
          • Customers in over 80 countries
          • 54 of the Fortune 100
          • Largest license: 100 Terabytes per day
      See us on the ITXpo Showfloor in booth S2
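
An added example (not from the deck) of the DHCP reuse in Case Study Two (slides 11, 13 and 18): one lease log feeds the security check (naming convention plus MAC lookup) and the service-delivery checks (full subnets; median, mode and 90th percentile instead of the average). The log layout, the `WKS-` naming rule, the MAC inventory, the subnets and the lease-time field are all constructed assumptions.

```python
import ipaddress
import re
import statistics
from collections import defaultdict

# Constructed sample: timestamp, leased IP, client MAC, hostname, ms to obtain lease.
SAMPLE_LOG = """\
2012-10-01T08:00:05 10.1.1.1 00:1a:2b:00:00:01 WKS-0001 40
2012-10-01T08:01:10 10.1.1.2 00:1a:2b:00:00:02 WKS-0002 45
2012-10-01T08:02:30 10.1.1.3 de:ad:be:ef:00:01 johns-iphone 40
2012-10-01T08:03:00 10.1.1.4 00:1a:2b:00:00:04 WKS-0004 50
2012-10-01T08:04:00 10.1.1.5 66:77:88:00:00:09 WKS-0099 40
2012-10-01T08:05:00 10.1.1.6 00:1a:2b:00:00:06 WKS-0006 4000
2012-10-01T09:00:00 10.1.2.1 00:1a:2b:00:00:07 WKS-0007 60
2012-10-01T09:01:00 10.1.2.2 00:1a:2b:00:00:08 WKS-0008 55
2012-10-01T09:02:00 10.1.2.3 00:1a:2b:00:00:09 WKS-0009 40
2012-10-01T09:03:00 10.1.2.4 00:1a:2b:00:00:0a WKS-0010 48
"""
NAME_RULE = re.compile(r"^WKS-\d{4}$")  # hypothetical naming convention
KNOWN_MACS = {f"00:1a:2b:00:00:{n:02x}" for n in (1, 2, 4, 6, 7, 8, 9, 10)}  # constructed inventory
SUBNETS = [ipaddress.ip_network(n) for n in ("10.1.1.0/29", "10.1.2.0/24")]  # constructed scopes

def parse(log):
    events = []
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines
        ts, ip, mac, host, ms = parts
        try:
            events.append({"ts": ts, "ip": ipaddress.ip_address(ip),
                           "mac": mac.lower(), "host": host, "ms": int(ms)})
        except ValueError:
            continue  # bad IP or non-numeric timing
    return events

def unauthorised(events):
    """Security view: flag devices failing the name rule or the MAC lookup."""
    findings = {}
    for e in events:
        reasons = []
        if not NAME_RULE.match(e["host"]):
            reasons.append("name")
        if e["mac"] not in KNOWN_MACS:  # catches a device that copies a valid-looking name
            reasons.append("mac")
        if reasons:
            findings[e["mac"]] = (e["host"], reasons)
    return findings

def subnet_usage(events, subnets=SUBNETS):
    """Service view: (leased, pool size, full?) per subnet."""
    leased = defaultdict(set)
    for e in events:
        for net in subnets:
            if e["ip"] in net:
                leased[net].add(e["ip"])
    return {str(n): (len(leased[n]), n.num_addresses - 2, len(leased[n]) >= n.num_addresses - 2)
            for n in subnets}

def summarise(values):
    """Min, median, mode, max and nearest-rank 90th percentile; mean shown for contrast."""
    ordered = sorted(values)
    rank = (9 * len(ordered) + 9) // 10  # ceil(0.9 * n) without floats
    return {"min": ordered[0], "median": statistics.median(ordered),
            "mode": statistics.mode(ordered), "max": ordered[-1],
            "p90": ordered[rank - 1], "mean": statistics.mean(ordered)}

if __name__ == "__main__":
    ev = parse(SAMPLE_LOG)
    print(unauthorised(ev))
    print(subnet_usage(ev))
    print(summarise([e["ms"] for e in ev]))
```

On this sample a single 4000 ms lease drags the mean to 441.8 ms while the median stays at 46.5 ms and the 90th percentile at 60 ms, which is the distortion slide 13 warns about.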