Use Hunk on Splunk to enhance enterprise security and make good business decisions

Big data is a term used for data sets so large or complex that traditional data processing applications are inadequate. It is one of the fastest growing types of data and requires a massive amount of storage to collect and retain the unstructured and poly-structured data. It is also used to analyze and reveal patterns, trends and associations, relating to human behaviors and interactions. Organizations have been gathering big data and storing it for a long time without an easy means to derive intelligence from the data.

Hunk on Splunk can help organizations wrangle their data by using the Splunk platform to communicate with big data stores like Hadoop and NoSQL. Through this integration, Splunk Enterprise Core ingests any machine data from the data stores and Hunk on Splunk uses virtual indexes to decouple the storage tierfrom the data access and analytics tiers. This then enables Hunk to transparently route requests to different data stores. Hunk uses data on read, which means the unstructured data is easily read during search time across different data sets.

Objectives

The WWT Hunk on Splunk Workshop is a two- to four-hour strategic discussion and whiteboard session focused on identifying your companies business and security challenges. WWT experts customize the session to meet your companies’ specific areas of interest, which may include:

  • Business Analytics and Intelligence – understanding and making agile business decisions based on the data derived from inputs into Hadoop and extracted by Hunk search queries across disparate data sets and types.
  • Security Analytics – using the big data for security to derive historical and prospective analytics from machine data and correlate historical with real time data to hunt and investigate attacks occurring in the enterprise.

Benefits

Hunk on Splunk can be used in a variety of ways to enhance security by providing historical and retrospective analytics and help make good business decisions by building models and using machine learning. Machine data is used to providesecurity analysts with a means to do investigative, forensic, retrospective and historical analytics to determine the method of attack. It is also used to help business analysts gain insights by understanding trends, patterns and gaining intelligence to better enable agile business decisions.

View our Hunk on Splunk Workshop brochure.

  • WWT & Syncurity Patch Management Overview

    WWT and the Syncurity IR-FlowSOAR platform solve the patch management challenge with a comprehensive solution that delivers rapid response and reduced cyber risk.
  • Business Insight Support System Overview

    Software tools that deal with network security can run on many disparate applications. WWT developed a Business Insight Support System that ties output from software solutions into one web-based portal, functioning as a single touch point for all network security data.
  • Host-based Segmentation Pilot

    Implement segmentation protection with a host-based pilot capability and demonstrate success in 90 days.
  • Integrated Endpoint Security Architecture Federal Overview

    For most organizations, the ability to demonstrate compliance to an assessment program directly correlates to the maturity of their cyber security program. Learn more about WWT’s approach to integrated endpoint security architecture for our federal customers.
  • Integrated Endpoint Security Architecture Commercial Overview

    Endpoint security must be part of an overall security architecture and strategy. If all the areas referenced in this paper are addressed and integrated within an environment, the result will be a level of protection that far exceeds anything a single point product can provide.
  • Professional Services Security Overview

    Our Professional Services architects can help to overcome the challenges of securing an organization’s infrastructure through network discovery, a security assessment and penetration testing.
  • Splunk Appliance for IT Operational Intelligence

    Through operational intelligence, Splunk helps organizations detect potential problems and decrease response time to meet DCOI compliance.
  • Identity and Access Management

    Organizations understand that providing users with secure access can be challenging and strenuous. Identity and Access Management (IAM) is an enterprise program that focuses on ensuring that authorized people and devices have the appropriate access at the right time.
  • WWT Security Practice

    Explore WWT's approach to defending against cyber threats.
  • HIPAA Security Assessment

    This assessment presents an organization with actionable data to strengthen areas, mature processes, bring attention to compliance issues, and provide recommendations for remediation efforts.
  • SOC Assessment

    WWT's Security Operations Center (SOC) Assessment will assess each of the foundation-level elements of people, process, and technology to identify your organization’s overall strengths and weaknesses, current maturity ratings, and provide recommendations for improvement.
  • Issues in Cloud Security

    This white paper discusses the major computer security issues confronting an organization when moving to the cloud.