
Is there a Splunk App or Add-on that validates ISO27001 compliance after fulfilling specific auditing requirements?

krvamsireddy
Explorer

We are planning to achieve ISO27001 (open data exchange). For that we need to achieve specific auditing requirements, so do we have any app/add-on in Splunk that has dashboards/compliance to validate them, thus making us ISO27001 compliant?

0 Karma

sandyjov1
Explorer

Has anyone had this question answered?

0 Karma

gcusello
SplunkTrust

Hi @sandyjov1,

I'm a GRC consultant and a Splunk Architect and I can confirm what @thambisetty said: there isn't an app for ISO/IEC27001 compliance, also because for ISO/IEC27001 compliance you could only check the presence of a SIEM or an antivirus or a firewall, and to do this you don't need a system like Splunk.

In addition, in ISO/IEC27001 you have to check the presence of processes and organizational structures that you cannot check with Splunk.

ISO/IEC27001 compliance is a process, and to manage it you need a BPM system that lets you manage the process and archive documents; in other words, Splunk has another job.

Using Splunk you could check the maturity of your IT infrastructure (not of all your organization) and the risk level of your infrastructure (using e.g. Enterprise Security), which is very useful for the risk analysis that is a small part of the ISO/IEC27001 compliance process.

Using Splunk I created (it's an intellectual property of my company so I cannot share it) an app to integrate the results of several systems (Splunk ES, Tenable.io, a risk quantification tool, Office365, etc.) to show the maturity level of an infrastructure and the compliance with some frameworks (such as NIST or ISO/IEC27001), but taking values from other systems.

I asked to present our platform at Splunk .Conf2021 but our proposal wasn't accepted; I'll retry next year.

Ciao.

Giuseppe

0 Karma

thambisetty
SplunkTrust

I don’t think there is a Splunk app for ISO27001, because ISO27001 talks about what needs to be logged from different log sources. It doesn’t specifically say which log source needs to be integrated with the central logging solution in your organization.

But there is a white paper (link given below) which talks about how Splunk can support the ISO27001 framework.

You need to register to download the white paper.

https://www.splunk.com/en_us/form/how-splunk-and-machine-data-support.html

————————————
If this helps, give a like below.

krvamsireddy
Explorer

@thambisetty can you please suggest?

0 Karma