Use Cases for Security with Splunk Platform
Browse the categories below to learn how you can use the Splunk platform to accomplish your security business goals.
Or, if you have Splunk premium products for security, check out the Use Case Explorer for Security.
- Compliance
  - Analyzing AWS service action errors
  - Complying with the Markets in Financial Instruments Directive II
  - Defining and detecting Personally Identifiable Information (PII) in log data
  - Detecting unencrypted web communications
  - Identifying new Windows local admin accounts
  - Knowing your financial services customer
  - Monitoring consumer bank accounts to maintain compliance
  - Monitoring NIST SP 800-53 rev5 control families
  - Processing DMCA notices
  - Recognizing improper use of system administration tools
  - Running common General Data Protection Regulation (GDPR) compliance searches
- Security Monitoring
  - Managing firewall rules
  - Masking IP addresses from a specific range
  - Monitoring badges for facilities access
  - Monitoring for network traffic volume outliers
  - Routing root user events to a special index
  - Securing a work-from-home organization
  - Securing infrastructure-as-code with Zscaler Posture Control
  - Securing medical devices from cyberattacks
- Threat Hunting
  - Checking for files created on a system
  - Detecting AWS network ACL activity
  - Detecting a ransomware attack
  - Detecting brute force access behavior
  - Detecting malicious activities with Sigma rules
  - Detecting network and port scanning
  - Detecting recurring malware on a host
  - Detecting software supply chain attacks
  - Detecting Supernova web shell malware
  - Detecting the use of randomization in cyberattacks
  - Detecting TOR traffic
  - Finding interactive logins from service accounts
  - Finding large web uploads
  - Investigating Gsuite phishing attacks
  - Monitoring a network for DNS exfiltration
  - Monitoring DNS queries
  - Monitoring Windows account access
  - Protecting a Salesforce cloud deployment
  - Reconstructing a website defacement
  - Visualizing processes and their parent/child relationships
  - Windows user group changes