Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

Splunk @ Adobe

1 278 vues

Publié le

Where did that instance go? Security and compliance using Splunk

Publié dans : Technologie
  • Thanks for the previous comments. www.HelpWriting.net helped me too
       Répondre 
    Voulez-vous vraiment ?  Oui  Non
    Votre message apparaîtra ici
  • There is a useful site for you that will help you to write a perfect and valuable essay and so on. Check out, please ⇒ www.HelpWriting.net ⇐
       Répondre 
    Voulez-vous vraiment ?  Oui  Non
    Votre message apparaîtra ici
  • To get professional research papers you must go for experts like ⇒ www.WritePaper.info ⇐
       Répondre 
    Voulez-vous vraiment ?  Oui  Non
    Votre message apparaîtra ici
  • HelpWriting.net is a good website if you’re looking to get your essay written for you. You can also request things like research papers or dissertations. It’s really convenient and helpful. If you’ve got something very last-minute then it can be a little risky but either way it’s probably better than anything you can throw together :).
       Répondre 
    Voulez-vous vraiment ?  Oui  Non
    Votre message apparaîtra ici

Splunk @ Adobe

  1. 1. Splunk Company Overview 1 Company • Global HQs: - San Francisco - London - Hong Kong • 2,100+ employees globally • Annual Revenue: $668.4M (YoY +49%) • NASDAQ: SPLK Products • Free trial to massive scale • Splunk products: - Splunk Enterprise - Splunk Cloud - Hunk - Splunk Light - Splunk MINT - Premium Solutions Customers • 11,000+ customers • Across 110+ countries • Small to large organizations • More than 80 of the Fortune 100 • Largest license: - 1+ Petabytes/day
  2. 2. Spelunking: Splunking: to explore underground caves to explore machine data
  3. 3. 3 Make machine data accessible, usable and valuable to everyone. 3
  4. 4. Structured RDBMS SQL Search Schema at Write Schema at Read Traditional Splunk The Splunk Approach To Machine Data Copyright © 2014 Splunk Inc. 4 ETL Universal Indexing Volume Velocity Variety Unstructured
  5. 5. Turning Machine Data Into Operational Intelligence INDEX ANY MACHINE DATA: ANY SOURCE, TYPE, VOLUME Online Services Web Services Servers Security GPS Location Storage Desktops Networks Packaged Applications Custom ApplicationsMessaging Telecoms Online Shopping Cart Web Clickstreams Databases Energy Meters Call Detail Records Smartphones and Devices RFID On- Premises Private Cloud Public Cloud GAIN REAL-TIME VISIBILITY Apps & Solutions Report & analyze Custom dashboard s Monitor and alert Ad hoc search
  6. 6. Platform for Operational Intelligence The Splunk Portfolio Rich Ecosystem of Apps & Add-Ons Splunk Premium Solutions Mainframe Data Relational Databases MobileForwarders Syslog/TCP IoT Devices Network Wire Data Hadoop
  7. 7. Splunk for IT Operations and App Delivery Platform for Machine Data Service Monitoring IT Operational Analytics Application Management DevOpsIT Troubleshooting
  8. 8. Platform for Machine Data Splunk IT Service Intelligence Data-Driven Service Monitoring and Analytics At-a-Glance Problem Analysis Early Warning on Deviations Dynamic Service Models Seamless Workflow Integrations
  9. 9. Platform for Machine Data Application Delivery Security, Compliance and Fraud Business Analytics Industrial Data and Internet of Things IT Operations EMEA Use Cases For Operational Intelligence Vodafone John Lewis NHS Tesco Ubisoft Vertu BBC Ticketmaster Graphmasters VW Bosch Deutsche Bahn IKEA Yoox Sky Sparkasse/FI Shazam Yahoo Gatwick Kurt Geiger
  10. 10. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Where Did That Instance Go? How to optimize Security and Compliance
  11. 11. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. DIGITAL EXPERIENCES CHANGING THE WORLD THROUGH
  12. 12. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. ADOBE.IO PRIVATE, PUBLIC OR HYBRID CLOUD CORE TECHNOLOGIES ADOBE CLOUD PLATFORM CONTENT DATA 12
  13. 13. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Security vs. Compliance
  14. 14. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Compliance is NOT Security and Security is NOT Compliance § Compliance is NOT Security § Security is e.g. about protecting information from threats § Compliance is e.g. about “reporting” of how the security meets the controls § and any standard is having different controls 14 Security Compliance
  15. 15. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Adobe “Common Control Framework” § Clear guidance to all of our product and services teams § 1000 requirements rationalized down to about 200 Adobe-specific controls § See whitepaper and video: http://adobe.ly/1RbIO3A 15
  16. 16. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Answering controls with data § Data is created every second § Authentication logs § Change logs(deployments, builds, …) § Audit logs § Transaction logs § … § The needle in the haystack: § Thousands of servers / instances / containers § Multi regions / data centers § Multi environments (Development, Staging, Production) § Up-/Downscaling (short living infrastructure) § At Adobe we are using Splunk to find evidence and answer controls 16 Picture by Jens Ihnow at
  17. 17. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Splunk to aggregate them all 17 Splunk AWS Applications Security, Performance, … Build & Deployment Builds, deployments, … Security CloudTrail, Loadbalancer, … Threatintelligence, ... Search Enterprise Security AWS App Compliance App … Alerts Dashboards Search Reports (Archiving)
  18. 18. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Splunk Use case examples
  19. 19. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. AWS Cloudtrail - Splunk App for AWS § Cloudtrail records AWS API activity: 19
  20. 20. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Amazon ElasticLoadBalancer § Use of SSL Ciphers § “Activities by AWS”: 20 Available data: • timestamp • elb • client:port • backend:port • request_processing_time • backend_processing_time • response_processing_time • elb_status_code • backend_status_code • received_bytes sent_bytes • "request" • "user_agent" • ssl_cipher ssl_protocol
  21. 21. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Compliance Tracking of build and deployment 21 § Logging deployed on all workflows (build, deploy, run, …) § Custom log format § Now Compliance is going to be „interesting“!
  22. 22. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Cloud Infrastructure Security for AWS by evident.io 22
  23. 23. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Visibilityand transparency– a very old problem § Dashboards: § Usually Application / infrastructure § Sometimes Security § But what about Compliance? § Reporting: § Scheduled status reports § Alerting: § eMail § Pager § Launch of Incidents / Problems 23 Picture by Jens Ihnow at
  24. 24. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. References § Adobe CCF Whitepaper and Video: http://adobe.ly/1RbIO3A § Splunk – http://www.splunk.com § Splunk Enterprise Security - http://splk.it/1UDSSEf § Splunk App for AWS - http://splk.it/1WQU24g § Splunk App for Compliance - http://splk.it/1U9wxkb 24 Questions? Meet us during the lunch break at the Splunk booth!

×