Beruflich Dokumente
Kultur Dokumente
Deliver
Weaponize
Control
Exploit
Maintain
Execute
Solutions Guide
Conventional
Approach
(Known Threats)
APT / Risk-based
Approach
(Unknown Threats)
Controls
Coverage
Protect all
information assets
Controls
Focus
Signature-based
preventive
controls
(AV, firewalls, IPS)
Perspective
Perimeter based
Data centric
Goal of
Logging
Compliance
reporting
Threat detection
Incident
Management
Find and
neutralize
malware and/or
infected nodes
(reactive)
Threat
Intelligence
Collect
information
on malware
Develop deep
understanding of
attackers modus
operandi in context
of the organizations
key assets and IT
environment
Success
Definition
No attackers get
into the network
Attackers sometimes
get in, but are detected
quickly and impact
(risk) is minimized
Solutions Guide
Free Download
Download Splunk for free. Youll get a Splunk Enterprise 6
license for 60 days and you can index up to 500 megabytes
of data per day. After 60 days, or anytime before then,
you can convert to a perpetual Free license or purchase an
Enterprise license by contacting sales@splunk.com.
info@splunk.com | sales@splunk.com
866-438-7758 | 415-848-8400
www.apps.splunk.com
www.splunk.com
2014 Splunk Inc. All rights reserved. Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Hunk, Splunk Cloud, Splunk Storm and SPL are trademarks and
registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.
Item # SG-Splunk-Security-109