Use Cases for Security with Splunk Platform
Browse the categories below to learn how you can use the Splunk platform to accomplish your security business goals.
Or, if you have Splunk premium products for security, check out the Use Case Explorer for Security.
- Compliance
  - Analyzing AWS service action errors
  - Automating Know Your Customer continuous monitoring requirements
  - Complying with the Markets in Financial Instruments Directive II
  - De-identifying PII consistently with hashing in Edge Processor
  - Defining and detecting Personally Identifiable Information (PII) in log data
  - Detecting unencrypted web communications
  - Identifying new Windows local admin accounts
  - Knowing your financial services customer
  - Monitoring consumer bank accounts to maintain compliance
  - Monitoring NIST SP 800-53 rev5 control families
  - Processing DMCA notices
  - Recognizing improper use of system administration tools
  - Running common General Data Protection Regulation (GDPR) compliance searches
- Security Monitoring
  - Managing firewall rules
  - Masking IP addresses from a specific range
  - Monitoring badges for facilities access
  - Monitoring for network traffic volume outliers
  - Monitoring major Cloud Service Providers (CSPs)
  - Reducing PAN and Cisco security firewall logs with Splunk Edge Processor
  - Routing root user events to a special index
  - Securing a work-from-home organization
  - Securing infrastructure-as-code with Zscaler Posture Control
  - Securing medical devices from cyberattacks
- Threat Hunting
  - Checking for files created on a system
  - Detecting a ransomware attack
  - Detecting brute force access behavior
  - Detecting malicious activities with Sigma rules
  - Detecting network and port scanning
  - Detecting recurring malware on a host
  - Detecting software supply chain attacks
  - Detecting Supernova web shell malware
  - Detecting the use of randomization in cyberattacks
  - Detecting TOR traffic
  - Detecting Trickbot attacks
  - Finding interactive logins from service accounts
  - Finding large web uploads
  - Monitoring a network for DNS exfiltration
  - Monitoring DNS queries
  - Monitoring Windows account access
  - Protecting a Salesforce cloud deployment
  - Reconstructing a website defacement
  - Visualizing processes and their parent/child relationships
  - Windows user group changes