Splunk Use Case Library 2016-09-29

Pages: 416
Description
Speed time to value with your enterprise security deployment by targeting data onboarding and monitoring activities based on the prior success of your peers with similar data sources.
Transcript
Splunk, Inc.
250 Brannan Street, 2nd Floor
San Francisco, CA 94107
+1.415.568.4200 (Main)
+1.415.869.3906 (Fax)
www.splunk.com

The information transmitted in this document is intended only for the addressee and may contain confidential and/or privileged material. Any interception, review, retransmission, dissemination or other use of or taking of any action upon this information by persons or entities other than the intended recipient is prohibited by law and may subject them to criminal or civil liability.

Proprietary and Confidential Information shall include, but not be limited to, performance, sales, financial, contractual and special marketing information, ideas, technical data and concepts originated by the disclosing party, its subsidiaries and/or affiliates, not previously published or otherwise disclosed to the general public, not previously available without restriction to the receiving party or others, nor normally furnished to others without compensation, and which the disclosing party desires to protect against unrestricted disclosure or competitive use, and which is furnished pursuant to this document and appropriately identified as being proprietary when furnished.

Copyright © 2016 Splunk, Inc. All rights reserved. The Splunk logo is a registered trademark of Splunk. All other products and company names mentioned herein are trademarks or registered trademarks of their respective owners.

Version Control
SECURITY PROGRAM REVIEW
Client Name: None
Client Contact:
Document Issue No: 2.1
Author(s): Ryan Faircloth
Delivery Date: July 20th 2016
Data Classification: Proprietary

Professional Services/Security Use Case Workshop

The use case development workshop is designed to assist the customer in cataloging the business drivers and requirements used to guide the customer delivery team, assisted by Splunk Consultants, in delivering a solution that will meet the customer's needs and budget.
Using information gained from the workshop, the project team will deliver a prioritized list of data sources for data onboarding and use case adoption for the cyber security operations team.

Preparation

- Identify essential and beneficial staff per session based on the agenda that follows
- Secure meeting space
- Minimize meeting location changes, as this is disruptive to progress and contributes to no-shows
- Adequate seating for attendees
- One, preferably 2 projectors/screens
- Guest Wifi
- White boards
- Splunk will provide a Webex session and use digital whiteboards, and will utilize recording unless the customer has objections; the recording is used to review and enrich notes as needed to prepare deliverables and is not required if the customer is uncomfortable
- Collect supporting documentation electronically
  - All applicable internal policies and supporting standards such as
    - Information Resource Classification
    - Information Retention and Destruction
    - Infrastructure Logging and Configuration
    - Database Logging and Configuration
    - Application Logging and Configuration
  - Inventory of standards with requirements for logging and monitoring applicable to your business
  - Internal Audit/Self Assessment for applicable security standards such as PCI/SOX/HIPAA, inclusive of current draft reports
  - External Audit/Self Assessment for applicable security standards such as PCI/SOX/HIPAA
- Identify the following project roles and schedule for attendance
  - Project Manager
  - Senior Business Analyst
  - Senior Technical Analyst/Architect
  - Senior Security Analyst
  - Test Lead
  - Executive Sponsor
  - Executive Stakeholders or immediate deputies
  - Compliance Analysts
  - Internal Assessors

Typical Agenda (3 days)

The following agenda can be modified collaboratively if needed. Our experience has been that we must allow some blocks of time between sessions and at the start/end of the day to avoid walk-aways due to urgent business needs arising during the day.
Opening Session 9:30 - 11:00 (all participants)
- Openings and personal introductions, roles and responsibilities (all)
- Presentation of methodology for the workshop (Splunk)
- Executive Round Table: discuss formal and informal project drivers, other goals and success criteria
- Review audit findings, addressable items, mandated remediations
- Review prior year penetration test findings
- Review burdensome existing compliance and reporting activities

Working Sessions: each session will present a set of use cases to the team for joint evaluation and prioritization based on the criteria developed in the opening session. Each session requires a representative with relevant experience in the domain and empowerment to set priority within the bounds given. A deputy for each executive stakeholder should attend working sessions; additional participants are welcome.

Working Session #1 D1 11:00 - 13:00 (with 1 hour lunch)
- Review out of box use cases for Enterprise Security
- Identify and catalog required data, enrichment and applicable use cases

Working Session #2 D1 13:00 - 16:00
- Review Professional Services/Customer developed Security Use cases
- Identify and catalog required data, enrichment and applicable use cases

Working Session #3 D2 9:30 - 12:00
- Identify and catalog required data, enrichment and applicable use cases for gap areas in enterprise endpoint estate

Working Session #4 D2 13:00 - 15:00
- Identify and catalog required data, enrichment and applicable use cases for gap areas in enterprise network estate

Working Session #5 D3 9:30 - 12:00
- Review tabled items from prior sessions, interview stakeholders identified in prior sessions but not planned

Review Session 14:00 - 16:00
- Review items captured
- Re-sort priority based on later learning