This was all important and interesting as a baseline security recap but where it got particularly interesting was focusing in on the Splunk Deployment Server. Before I delve into the security threat surface potential that this particular Splunk component presents let me back up a bit on Splunk. It also covered basic best practices such as regular software and OS patching, applying security benchmarks such as CIS (URL) among other essentials. The talk started with a recap on fundamentals and components such as the CIA triad (Confidentiality, Integrity, Availability) and the Cyber Attack Kill Chain (SANS blog URL). The talk which really grabbed my attention was 'TRU1537 – Hardened Splunk: A Crash Course in Making Splunk Environments More Secure' (click here to access the video and handouts). Plus Splunk released a new minor version 8.1.0 (release notes) which for the first time supports data ingestion in conjunction with network load balancers (LTM). conf performance of her brand of ska pop hits) and another session with the actor Will Ferrell. As a registered Splunk partner it is important for CND to keep up with current developments and just filtering on security there are 68 unique talks this year. conf event and for the un-initiated there are a huge variety of talks, in all 230 this year and obviously the focus for myself and CND colleagues was on cyber security related presentations, that said I did enjoy the cognitive rest sessions with celebrities Gwen Stefani (who gave a private. conf 2020 take place and instead of a Las Vegas venue it swapped to a virtual event, as with so much as an effect of Covid-19.
“IBM Security is a long-standing supporter of open-source and open standards, and believes that common data formats like the OCSF will help improve interoperability among many different cybersecurity products,” Muppidi added.
“Cybersecurity is one of the most pressing challenges of the 21st century, and no single organisation, agency or vendor can solve it alone,” Sridhar Muppidi, chief technology officer at IBM Security said. Ryland added: “Customers tell us that their security teams are spending too much time and energy normalising data across different tools rather than being able to focus on analyzing and responding to risks.” “Having a holistic view of security-related data across tools is essential for customers to effectively detect, investigate and mitigate security issues,” Mark Ryland, director at the Office of the CISO at AWS said. “This is a problem that the industry needed to come together to solve,” Coughlin said. “Security leaders are wrestling with integration gaps across an expanding set of application, service and infrastructure providers, and they need clean, normalised and prioritised data to detect and respond to threats at scale,” Patrick Coughlin, group vice president of security marketing at Splunk said. “The OCSF is an open-source effort aimed at delivering a simplified and vendor-agnostic taxonomy to help all security teams realise better, faster data ingestion and analysis without the time-consuming, up-front normalisation tasks,” they said. Experts from participating companies said there was a pressing need to start sharing key data in order to improve cybersecurity for all. “Detecting and stopping today’s cyberattacks requires coordination across cybersecurity tools, but unfortunately normalising data from multiple sources requires significant time and resources,” the group stated. The initiative is described as a continuation of Paul Agbabian’s Integrated Cyber Defense (ICD) Schema work done at Symantec, a division of Broadcom. Agbabian now holds a senior management position at Splunk.
The goal behind OCSF is to better share product-normalising data in order to improve cybersecurity in general. All members of the cybersecurity community are invited to utilise and contribute to the OCSF.