
    Splunk Extends Scope of IT Security Portfolio


    Just about everyone has come to realize that defending the enterprise against the hundreds of thousands of types of security attacks being continually launched is beyond the capabilities of mere mortals. As such, IT organizations are increasingly going to have to rely on machine learning software to help even the IT security odds.

    At the Splunk 2015 Worldwide Users Conference today, Splunk unveiled an update to its security software, now rechristened Splunk Enterprise Security 4.0, which adds support for advanced tools for investigating threats. It also formally unveiled Splunk User Behavior Analytics, a separate security offering based on machine learning software that Splunk gained when it acquired Caspida, Inc. earlier this year.

    Monzy Merza, chief security evangelist at Splunk, says the ultimate security goal is to identify not only the attack paths being used by various types of malware, but also the kill chain that can be used to put a stop to those attacks. Rather than simply keeping a database of those types of attacks in a security information and event management (SIEM) system, Merza says Splunk is now effectively creating a security operations center through which IT organizations can more proactively defend themselves.


    For example, Splunk User Behavior Analytics enables IT organizations to more easily identify anomalies in end-user behavior, while Splunk Enterprise Security 4.0 makes it simpler for teams of IT security professionals to collaborate on identifying those threats, said Merza. The end result, adds Merza, is a much more rapid response to identifying not only potential threats, but also just how lethal they may be to the organization.

    Regardless of the level of IT security required, it’s pretty clear that advanced analytics and machine learning software have a major role to play in the future of IT security. The challenge will be figuring out how to go about incorporating those technologies in a way that best complements the layers of IT security that most IT organizations have already deployed.

    Mike Vizard
    Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.
