Virtualization Technology News and Information
Splunk Introduces Splunk Insights for Ransomware

Splunk Inc. today announced Splunk Insights for Ransomware, a new offering that delivers organizations a complete analytics solution to manage ransomware threats. Splunk Insights for Ransomware offers Splunk Enterprise capabilities with user-based pricing and gives organizations real-time insights for proactive assessment and rapid investigation of potential ransomware threats. User-based, tiered pricing for the offering is available for organizations with up to 1000 employees.

In today's evolving threat landscape, maintaining security posture is critical to fighting ransomware, but day-to-day security hygiene is difficult for many smaller organizations constrained by limited resources, budget and time. Splunk Insights for Ransomware is designed to help these organizations with a broad, analytics-driven approach at a low cost and from a centralized platform.

"In today's threat landscape, the definition of critical infrastructure has expanded from electricity, water and gas to include IT infrastructures. During the WannaCry response, Splunk saw the need for a cost-effective ransomware offering that delivers a centralized point of visibility into potential ransomware activities and threats," said Haiyan Song, senior vice president of security markets, Splunk. "Splunk Insights for Ransomware allows us to deliver a way for small teams to combat the big problem of malware in real time. We are proud to provide a clear path for those customers to take full advantage of Splunk solutions to protect their business from ransomware."

Splunk Customers Defending Against Ransomware

"Children's Discovery Museum, like any organization, must protect itself against ransomware and phishing/spearphishing attacks to keep our critical systems safe and in operation. To compare this to natural disasters, when WannaCry emerged, we used Splunk software to detect the 'tsunami' of the attack, from the first waves to the water receding, before the big wave, and take action against the threat in under five minutes," said Gregg Daly, principal engineer, Children's Discovery Museum. "We use Splunk software to monitor our email and DNS security, and we've done layered behavioral and characteristics studies through Splunk software. As a result we were able to see a user notification of a suspicious attachment and quickly investigate to learn an attack was in progress. Splunk's easy-to-navigate view across all of our data, devices and applications, combined with our data-driven transport rules, enabled us to automatically defend our systems against WannaCry."

"Northwestern University uses Splunk software to help our security team detect threats so we can deliver consistent services and protect critical data for staff, faculty and students. Splunk enables us to search for threat indicators across our systems on the fly, without having to generate cumbersome reports or manually sift through data in source systems," said Tom Murphy, CISO, Northwestern University. "With Splunk our security analysts can pivot and view new sets of data from a single source as investigations evolve. In the case of WannaCry, we used statistical models and visualizations from Splunk Enterprise to maintain a comprehensive, real-time view of network activity that might be associated with ransomware, to help detect and prevent any damage from occurring."


Published Wednesday, June 28, 2017 8:23 AM by David Marshall