More Related Content Similar to Splunk @ Adobe (20) Splunk @ Adobe1. Splunk Company Overview
1
Company
• Global HQs:
- San Francisco
- London
- Hong Kong
• 2,100+ employees
globally
• Annual Revenue:
$668.4M (YoY +49%)
• NASDAQ: SPLK
Products
• Free trial to massive scale
• Splunk products:
- Splunk Enterprise
- Splunk Cloud
- Hunk
- Splunk Light
- Splunk MINT
- Premium Solutions
Customers
• 11,000+ customers
• Across 110+ countries
• Small to large
organizations
• More than 80 of the
Fortune 100
• Largest license:
- 1+ Petabytes/day
10. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
Where Did That Instance Go?
How to optimize Security and Compliance
11. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
DIGITAL EXPERIENCES
CHANGING THE WORLD THROUGH
12. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
ADOBE.IO
PRIVATE, PUBLIC OR HYBRID CLOUD
CORE TECHNOLOGIES
ADOBE CLOUD PLATFORM
CONTENT DATA
12
13. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
Security vs. Compliance
14. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
Compliance is NOT Security and Security is NOT Compliance
§ Compliance is NOT Security
§ Security is e.g. about protecting information from threats
§ Compliance is e.g. about “reporting” of how the security meets the controls
§ and any standard is having different controls
14
Security
Compliance
15. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
Adobe “Common Control Framework”
§ Clear guidance to all of our product and services teams
§ 1000 requirements rationalized down to about 200 Adobe-specific controls
§ See whitepaper and video: http://adobe.ly/1RbIO3A
15
16. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
Answering controls with data
§ Data is created every second
§ Authentication logs
§ Change logs(deployments, builds, …)
§ Audit logs
§ Transaction logs
§ …
§ The needle in the haystack:
§ Thousands of servers / instances / containers
§ Multi regions / data centers
§ Multi environments (Development, Staging, Production)
§ Up-/Downscaling (short living infrastructure)
§ At Adobe we are using Splunk to find evidence and answer controls
16
Picture by Jens Ihnow at
17. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
Splunk to aggregate them all
17
Splunk
AWS
Applications Security, Performance, …
Build & Deployment Builds, deployments, …
Security
CloudTrail, Loadbalancer, …
Threatintelligence, ...
Search
Enterprise
Security
AWS
App
Compliance
App
…
Alerts
Dashboards
Search
Reports
(Archiving)
18. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
Splunk Use case examples
19. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
AWS Cloudtrail - Splunk App for AWS
§ Cloudtrail records AWS API activity:
19
20. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
Amazon ElasticLoadBalancer
§ Use of SSL Ciphers
§ “Activities by AWS”:
20
Available data:
• timestamp
• elb
• client:port
• backend:port
• request_processing_time
• backend_processing_time
• response_processing_time
• elb_status_code
• backend_status_code
• received_bytes sent_bytes
• "request"
• "user_agent"
• ssl_cipher ssl_protocol
21. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
Compliance Tracking of build and deployment
21
§ Logging deployed on all workflows (build, deploy, run, …)
§ Custom log format
§ Now Compliance is going to be „interesting“!
22. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
Cloud Infrastructure Security for AWS by evident.io
22
23. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
Visibilityand transparency– a very old problem
§ Dashboards:
§ Usually Application / infrastructure
§ Sometimes Security
§ But what about Compliance?
§ Reporting:
§ Scheduled status reports
§ Alerting:
§ eMail
§ Pager
§ Launch of Incidents / Problems
23
Picture by Jens Ihnow at
24. © 2016 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
References
§ Adobe CCF Whitepaper and Video: http://adobe.ly/1RbIO3A
§ Splunk – http://www.splunk.com
§ Splunk Enterprise Security - http://splk.it/1UDSSEf
§ Splunk App for AWS - http://splk.it/1WQU24g
§ Splunk App for Compliance - http://splk.it/1U9wxkb
24
Questions?
Meet us during the
lunch break at the
Splunk booth!