Chuck Leaver – So Much Energy And Interest At Splunk .conf

Written By Josh Applebaum And Presented By Chuck Leaver

 

 

Like a lot of you, we're still recuperating from Splunk .conf last week. As usual, .conf had terrific energy, and the people in attendance were enthusiastic about Splunk and the many use cases it supports through its large app ecosystem.

One important announcement over the 7 days worth discussing was a brand-new security offering known as "Content Updates," which is essentially a set of pre-built Splunk searches for helping to discover security incidents.

In general, the Splunk security team looks at the latest attacks, produces new searches for how they would hunt through Splunk ES data to find these kinds of attacks, and then ships those new searches down to customers' Splunk ES environments for automated notifications when a match is seen.

The best part? Since these updates primarily use CIM (Common Information Model) data, and Ziften populates a lot of the CIM models, Ziften's data is currently being matched against the new Content Updates Splunk has produced.

A quick demonstration showed which vendors are contributing to each type of "detection," and Ziften was mentioned in a great many of them.

For instance, we have a recent post that shares how Ziften's data in Splunk is used to detect and respond to WannaCry.

Overall, with the roughly 500 people who visited the booth over the course of .conf, I have to say it was one of the very best events we have done in terms of quality discussions and interest. We had nothing but positive feedback from our in-depth discussions with people from all walks of corporate life – from highly technical experts in the public sector to CISOs in the financial sector.

The most typical conversation usually began with, "We are just starting to roll out Splunk and are new to the platform." I like those, since people can get our apps for free and we can get them an agent to try, which gives them something to use right out of the box to demonstrate value right away. Other folks were very experienced and really liked our approach and architecture.

Bottom line: People are genuinely excited about Splunk, and real solutions are available to help people with real problems!

Curious? The Ziften ZFlow App and Technology Add-on help users of Splunk and Splunk ES use Ziften-generated extended NetFlow from endpoints, servers, and cloud VMs to see exactly what they are missing at the perimeters of their network, in their data centers, and in their cloud deployments.

~leaverchuck1

