Security Operations Tech Talks

Cloud Data Modeling for Security

melissap
Splunk Employee

View the Tech Talk: Platform Edition, Cloud Data Modeling for Security 

Are you trying to achieve end-to-end visibility across your multi-cloud or hybrid environment but running into roadblocks? This tech talk addresses the challenge of normalizing data from the 3 major cloud service providers’ implementations, and establishing a set of security checks across them. Join us to learn how to implement a unified framework within data analytics tools that can be used for cloud monitoring, investigation, detection and response.

Tune in to learn about:

  • Normalizing data from different cloud vendors
  • Difference between perimeter and cloud security posture
  • Splunk tools to achieve vendor-wide security monitoring, detection and defense

Tech Talk discussions remain open for two weeks following the live Tech Talk event. Have more questions? Check out our Splunk Cloud conversations in the Splunk Answers community for more!

2 Comments
melissap
Splunk Employee

Here is a question that came up during the Tech Talk. Sharing for all.

Q: Does Splunk have any plans to keep this DM up to date with the pace that AWS/Azure/GCP are updating the ways in which their logging can vary?
A: The plan is to do this via TA/Addons and tools like the Cloud DM.
melissap
Splunk Employee

Here are some follow-up materials for your journey:

  • Get the cloud data model from GitHub: Code repository with detailed documentation on pre-requisites, installation and troubleshooting
  • Read the blog post: Using the cloud data model to detect container implantation
  • Watch the DEFCON session recording Cloud Village - Rod Soto's and José Hernandez' 'Using Splunk For Auditing AWS GCP Azure Security'
  • Leave us feedback by emailing research@splunk.com or visit ideas.splunk.com