Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

SplunkLive! Utrecht 2019: NN Group

191 Aufrufe

Veröffentlicht am

Learn the benefits of automated capabilities and how Splunk is an important building block for operational and security monitoring within NN.

Veröffentlicht in: Technologie
  • Als Erste(r) kommentieren

  • Gehören Sie zu den Ersten, denen das gefällt!

SplunkLive! Utrecht 2019: NN Group

  1. 1. � 2019 SPLUNK INC.� 2019 SPLUNK INC. Security monitoring during a digital transformation Jorrit Folmer CISSP CCSP | Security monitoring consultant @ NN Group N.V 18 November 2019
  2. 2. Vision NN will adopt a self-service infrastructure with standardized cloud services and automated processes
  3. 3. Vision NN will adopt a self-service infrastructure with standardized cloud services and automated processes Before After Silo shopping
  4. 4. Vision NN will adopt a self-service infrastructure with standardized cloud services and automated processes Before After Silo shopping Full end-to-end ownership
  5. 5. Vision NN will adopt a self-service infrastructure with standardized cloud services and automated processes Before After Silo shopping Full end-to-end ownership Manual and lossy
  6. 6. Vision NN will adopt a self-service infrastructure with standardized cloud services and automated processes Before After Silo shopping Full end-to-end ownership Manual and lossy Automated and predictable
  7. 7. Vision NN will adopt a self-service infrastructure with standardized cloud services and automated processes Before After Silo shopping Full end-to-end ownership Manual and lossy Automated and predictable Fixed capabilities
  8. 8. Vision NN will adopt a self-service infrastructure with standardized cloud services and automated processes Before After Silo shopping Full end-to-end ownership Manual and lossy Automated and predictable Fixed capabilities On-demand and self-service
  9. 9. Vision NN will adopt a self-service infrastructure with standardized cloud services and automated processes Before After Silo shopping Full end-to-end ownership Manual and lossy Automated and predictable Fixed capabilities On-demand and self-service Central budget
  10. 10. Vision NN will adopt a self-service infrastructure with standardized cloud services and automated processes Before After Silo shopping Full end-to-end ownership Manual and lossy Automated and predictable Fixed capabilities On-demand and self-service Central budget Pay per use
  11. 11. Vision NN will adopt a self-service infrastructure with standardized cloud services and automated processes Before After Silo shopping Full end-to-end ownership Manual and lossy Automated and predictable Fixed capabilities On-demand and self-service Central budget Pay per use
  12. 12. Vision NN will adopt a self-service infrastructure with standardized cloud services and automated processes Before After Silo shopping Full end-to-end ownership Manual and lossy Automated and predictable Fixed capabilities On-demand and self-service Central budget Pay per use Faster
  13. 13. Vision NN will adopt a self-service infrastructure with standardized cloud services and automated processes Before After Silo shopping Full end-to-end ownership Manual and lossy Automated and predictable Fixed capabilities On-demand and self-service Central budget Pay per use Faster Cheaper
  14. 14. Vision NN will adopt a self-service infrastructure with standardized cloud services and automated processes Before After Silo shopping Full end-to-end ownership Manual and lossy Automated and predictable Fixed capabilities On-demand and self-service Central budget Pay per use Faster Cheaper Better
  15. 15. Target operating model Splunk team SOC team Execution Other dev-ops teams
  16. 16. Target operating model Execution Infrastructure as code Splunk team SOC teamOther dev-ops teams
  17. 17. Search tier Indexing tier Example 1
  18. 18. Search tier Indexing tier Example 1: multi-site in 1 hour Site 1 Site 2
  19. 19. Search tier Example 2: doubling in 2 hours Site 1 Site 2
  20. 20. Execution Target operating model Infrastructure as code Enterprise Security Splunk team SOC teamOther dev-ops teams
  21. 21. Target operating model Execution Infrastructure as code Enterprise Security Self-service data onboarding Splunk team SOC teamOther dev-ops teams
  22. 22. Target operating model Splunk team SOC Execution Infrastructure as code Enterprise Security Self-service data onboarding
  23. 23. Hi, I need security monitoring for my go-live Team10 Req 10
  24. 24. Hi, I need security monitoring for my go-live Team10Team11Team12 Req 10 Req 11 Req 12
  25. 25. Hi, I need security monitoring for my go-live Team10Team11Team12SOC Req 10 Req 11 Req 12 Onboard 7
  26. 26. Hi, I need security monitoring for my go-live Team10Team11Team12SOC Finish Onboard 8 Onboard 9 Onboard 10Onboard 7 Req 10 Req 11 Req 12
  27. 27. Hi, I need security monitoring for my go-live Team10Team11Team12SOC Finish Finish Onboard 8 Onboard 9 Onboard 10Onboard 7 Onboard 11 Onboard Req 10 Req 11 Req 12
  28. 28. Self-service model with Splunk Team10Team11Team12SOC Req 10 Req 11 Req 12
  29. 29. Self-service model with Splunk Team10Team11Team12SOC FinishOnboard 10Req 10 Req 11 Req 12 Onboard 11 Finish Onboard 12 Finish
  30. 30. Self-service onboarding model with Splunk Team10Team11Team12SOC FinishOnboard 10Req 10 Req 11 Req 12 Onboard 11 Finish Onboard 12 Finish Consulting Building self-service capabilities
  31. 31. Target operating model Splunk team SOC Application security monitoring (ASM) Infrastructure as code Enterprise Security Self-service data onboarding ASM handbook
  32. 32. Target operating model Splunk team SOC Application security monitoring (ASM) Infrastructure as code Enterprise Security Self-service data onboarding ASM testing ASM handbook
  33. 33. Target operating model Splunk team SOC Application security monitoring (ASM) Infrastructure as code Enterprise Security Self-service data onboarding ASM testing ASM contract automation ASM handbook
  34. 34. Target operating model Capability combinatorics
  35. 35. Target operating model Capability combinatorics
  36. 36. Target operating model Capability combinatorics
  37. 37. Target operating model Capability combinatorics
  38. 38. Target operating model Capability combinatorics
  39. 39. Internal capability market C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C
  40. 40. C C Internal capability market + end-to-end responsibility = defence in depth C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C Security monitoring tools
  41. 41. � 2019 SPLUNK INC.� 2019 SPLUNK INC. Thank You.

×