Compliance
Article Type: Topic
- Analyzing AWS service action errors: You want to use errors found in CloudTrail logs for alerting and proactive security hunting.
- Complying with General Data Protection Regulation: How to set up searches to monitor GDPR compliance in Splunk, with tips and tricks from Splunk experts.
- Complying with the HIPAA Security Rule for ePHI: The searches in this use case enhance the technical safeguards that your organization has in place to add an extra layer of security for e-PHI.
- Complying with the Markets in Financial Instruments Directive II: Run these searches to help ensure compliance and identify any MiFID II violations so they can be investigated and prevented in the future.
- Conducting an Azure new user census: Get basic information about each new Azure user and their user IDs for further investigation.
- Detecting non-privileged user accounts conducting privileged actions: Detect all the actions taken by any individual with root or administrative privileges or when non-privileged user accounts attempt to conduct escalated actions.
- Detecting Personally Identifiable Information (PII) in log data: Splunk ES provides threat management with a granular and centralized view of enterprise security - an essential need for organizations that need to ensure PCI DSS compliance.
- Detecting unencrypted web communications: How to use Splunk software to find and correct unencrypted web communications.
- Identifying new Windows local admin accounts: How to use Splunk software to find new Windows local admin accounts so that you can take action, if needed.
- Monitoring Kubernetes sensitive role activities: How to use Splunk software to detect suspicious requests against Kubernetes sensitive role activities.
- Monitoring NIST SP 800-53 rev5 control families: You need to monitor the control families listed in NIST SP 800-53 rev5.
- Processing DMCA notices: You want to use Splunk software to speed up the processing of DMCA notices.
- Recognizing improper use of system administration tools: How to use Splunk software to examine Windows security logs for unusual authentication events and then investigate events taken by those logged-in users.
- Verifying multifactor authentication usage: You want to see if your network users are logging in without MFA.