
Begin Your Splunk Enterprise Security Journey

If you just purchased Splunk Enterprise Security, welcome! We are pleased to have you as a customer and want to make your customer journey a success.

You might be feeling overwhelmed by all the resources Splunk offers, so we suggest starting with some of these resources which have been selected to help you in this early part of your journey. 

Learn More about Splunk and Security

The security industry widely acknowledges that organizations which avoid or minimize damage from cyber security attacks have well-defined processes and skilled personnel along with effective security technology. In short, security involves people, process and technology, and all three are critical.

The industry has also developed frameworks to help identify the best practices within each of these three pillars. These frameworks cover areas like compliance, detections, investigations, change control, data governance, and more.

To get a comprehensive survey of all these areas, Splunk offers the Splunk Security Maturity Model (S2M2), which assesses the people (skills), processes and technologies that should be present in a SOC. This assessment can help you develop a roadmap to increase your coverage in all three areas, and to maximize the value you realize from technology platforms such as the Splunk Security suite.

Become a Security expert

A key process in security is content development. Examples include content to accelerate hunting and detections. While there is more to security than threat hunting and detections, these are areas in which Splunk excels.

Here are some links that will introduce you to the work of our Security Threat Research Team, along with other guidance on security content development. You will find that much is done for you - you just need to adopt and extend as needed. 

   

Discover more Splunk resources

Here are some additional resources focused on applying Splunk to security.

Because it takes practice to become skilled at security, we have made Splunk available for people to practice on using the BOTS data set. This contains realistic sample data along with instructional material to help you through the exercises.

Happy threat Splunking! 
