Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Splunk @ Adobe

1,272 views

Published on

Where did that instance go? Security and compliance using Splunk

Published in: Technology
  • There is a useful site for you that will help you to write a perfect and valuable essay and so on. Check out, please ⇒ www.HelpWriting.net ⇐
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • To get professional research papers you must go for experts like ⇒ www.WritePaper.info ⇐
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • HelpWriting.net is a good website if you’re looking to get your essay written for you. You can also request things like research papers or dissertations. It’s really convenient and helpful. If you’ve got something very last-minute then it can be a little risky but either way it’s probably better than anything you can throw together :).
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Splunk @ Adobe

  1. 1. Splunk Company Overview 1 Company • Global HQs: - San Francisco - London - Hong Kong • 2,100+ employees globally • Annual Revenue: $668.4M (YoY +49%) • NASDAQ: SPLK Products • Free trial to massive scale • Splunk products: - Splunk Enterprise - Splunk Cloud - Hunk - Splunk Light - Splunk MINT - Premium Solutions Customers • 11,000+ customers • Across 110+ countries • Small to large organizations • More than 80 of the Fortune 100 • Largest license: - 1+ Petabytes/day
  2. 2. Spelunking: Splunking: to explore underground caves to explore machine data
  3. 3. 3 Make machine data accessible, usable and valuable to everyone. 3
  4. 4. Structured RDBMS SQL Search Schema at Write Schema at Read Traditional Splunk The Splunk Approach To Machine Data Copyright © 2014 Splunk Inc. 4 ETL Universal Indexing Volume Velocity Variety Unstructured
  5. 5. Turning Machine Data Into Operational Intelligence INDEX ANY MACHINE DATA: ANY SOURCE, TYPE, VOLUME Online Services Web Services Servers Security GPS Location Storage Desktops Networks Packaged Applications Custom ApplicationsMessaging Telecoms Online Shopping Cart Web Clickstreams Databases Energy Meters Call Detail Records Smartphones and Devices RFID On- Premises Private Cloud Public Cloud GAIN REAL-TIME VISIBILITY Apps & Solutions Report & analyze Custom dashboard s Monitor and alert Ad hoc search
  6. 6. Platform for Operational Intelligence The Splunk Portfolio Rich Ecosystem of Apps & Add-Ons Splunk Premium Solutions Mainframe Data Relational Databases MobileForwarders Syslog/TCP IoT Devices Network Wire Data Hadoop
  7. 7. Splunk for IT Operations and App Delivery Platform for Machine Data Service Monitoring IT Operational Analytics Application Management DevOpsIT Troubleshooting
  8. 8. Platform for Machine Data Splunk IT Service Intelligence Data-Driven Service Monitoring and Analytics At-a-Glance Problem Analysis Early Warning on Deviations Dynamic Service Models Seamless Workflow Integrations
  9. 9. Platform for Machine Data Application Delivery Security, Compliance and Fraud Business Analytics Industrial Data and Internet of Things IT Operations EMEA Use Cases For Operational Intelligence Vodafone John Lewis NHS Tesco Ubisoft Vertu BBC Ticketmaster Graphmasters VW Bosch Deutsche Bahn IKEA Yoox Sky Sparkasse/FI Shazam Yahoo Gatwick Kurt Geiger
  10. 10. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Where Did That Instance Go? How to optimize Security and Compliance
  11. 11. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. DIGITAL EXPERIENCES CHANGING THE WORLD THROUGH
  12. 12. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. ADOBE.IO PRIVATE, PUBLIC OR HYBRID CLOUD CORE TECHNOLOGIES ADOBE CLOUD PLATFORM CONTENT DATA 12
  13. 13. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Security vs. Compliance
  14. 14. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Compliance is NOT Security and Security is NOT Compliance § Compliance is NOT Security § Security is e.g. about protecting information from threats § Compliance is e.g. about “reporting” of how the security meets the controls § and any standard is having different controls 14 Security Compliance
  15. 15. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Adobe “Common Control Framework” § Clear guidance to all of our product and services teams § 1000 requirements rationalized down to about 200 Adobe-specific controls § See whitepaper and video: http://adobe.ly/1RbIO3A 15
  16. 16. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Answering controls with data § Data is created every second § Authentication logs § Change logs(deployments, builds, …) § Audit logs § Transaction logs § … § The needle in the haystack: § Thousands of servers / instances / containers § Multi regions / data centers § Multi environments (Development, Staging, Production) § Up-/Downscaling (short living infrastructure) § At Adobe we are using Splunk to find evidence and answer controls 16 Picture by Jens Ihnow at
  17. 17. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Splunk to aggregate them all 17 Splunk AWS Applications Security, Performance, … Build & Deployment Builds, deployments, … Security CloudTrail, Loadbalancer, … Threatintelligence, ... Search Enterprise Security AWS App Compliance App … Alerts Dashboards Search Reports (Archiving)
  18. 18. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Splunk Use case examples
  19. 19. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. AWS Cloudtrail - Splunk App for AWS § Cloudtrail records AWS API activity: 19
  20. 20. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Amazon ElasticLoadBalancer § Use of SSL Ciphers § “Activities by AWS”: 20 Available data: • timestamp • elb • client:port • backend:port • request_processing_time • backend_processing_time • response_processing_time • elb_status_code • backend_status_code • received_bytes sent_bytes • "request" • "user_agent" • ssl_cipher ssl_protocol
  21. 21. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Compliance Tracking of build and deployment 21 § Logging deployed on all workflows (build, deploy, run, …) § Custom log format § Now Compliance is going to be „interesting“!
  22. 22. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Cloud Infrastructure Security for AWS by evident.io 22
  23. 23. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. Visibilityand transparency– a very old problem § Dashboards: § Usually Application / infrastructure § Sometimes Security § But what about Compliance? § Reporting: § Scheduled status reports § Alerting: § eMail § Pager § Launch of Incidents / Problems 23 Picture by Jens Ihnow at
  24. 24. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. References § Adobe CCF Whitepaper and Video: http://adobe.ly/1RbIO3A § Splunk – http://www.splunk.com § Splunk Enterprise Security - http://splk.it/1UDSSEf § Splunk App for AWS - http://splk.it/1WQU24g § Splunk App for Compliance - http://splk.it/1U9wxkb 24 Questions? Meet us during the lunch break at the Splunk booth!

×