《Splunk:增强你的数字应变能力(2023)(英文版)(15页).pdf》由会员分享,可在线阅读,更多相关《Splunk:增强你的数字应变能力(2023)(英文版)(15页).pdf(15页珍藏版)》请在三个皮匠报告上搜索。
1、A prescriptive journey for security,ITOps and engineering leadersSupercharge Your Digital ResilienceSupercharge Your Digital Resilience|Splunk2From downtime to thriving:Start hereYou score four tickets to the concert of the decade.Checkout is a breeze.Your child settles into their seat as the pilot
2、announces an on-time departure.Both events occur without fanfare and thats a good thing.Because when the opposite unfolds,the backlash is noisy,quick and costly.When downtime comes between you and your Taylor Swift ticket,the world immediately knows.When your child spends a rainy night in a strange
3、city because their flight is delayed due to a system outage,it ruins your holiday and the chances youll use that air carrier again.At a time when organizations are no longer indistinguishable from the digital systems they rely on,disruptions arent just expensive they can cost an organization its rep
4、utation or its loyal customer base.And crucially,each disruption comes between a team and its ability to innovate,impacting tomorrows bottom line.Its not a matter of if something happens its a matter of when.Most organizations experience around 10 days of unplanned downtime per year.Thats why todays
5、 leaders are investing in digital resilience.When issues are resolved even faster or avoided altogether and teams have the time and tools to innovate,success is immediate and lasting.Products fly down conveyor belts and off shelves.Deliveries land on doorsteps,right on time.Flights are made.Loyal cu
6、stomers stay,new customers join and businesses scale.Supercharge Your Digital Resilience|Splunk3In fact,we believe digital resilience is the defining factor of successful companies this decade.And thats why weve created a digital resilience journey based on our experience with the worlds largest and
7、 most complex organizations,combined with the expertise of some of the smartest minds in security and observability.Through each stage of the journey,youll detect,investigate and resolve problems even faster driving greater digital resilience across your organization,no matter the challenge.$48M ann
8、ual savings on downtime costs2.5x more likely to report the majority of digital transformation projects as successful2x more likely to be fully prepared to adaptOrganizations with advanced digital resilience capabilities see major benefitsSource:Digital Resilience Pays OffSupercharge Your Digital Re
9、silience|Splunk4Beyond silos and swivel chairsCollaboration is key no person(or team)is an island.But more tools,more data,lots of alerts and limited visibility across increasingly complex environments can hinder cross-functional collaboration.In every organization,teams have shared needs and shared
10、 barriers to success.Weve found these challenges to be the ones security,ITOps and engineering teams most cite as getting in the way of their work:1Complex environmentsLegacy,multi-cloud and hybrid oh my!When teams cant see interdependencies in their systems and how changes can impact service health
11、 or their organizations overall security posture,it can be a huge barrier to digital resilience.2Siloed teams and toolsWhen teams arent set up to collaborate and when theyre inundated with lots of tools,alerts and data manual,disjointed workflows can lead to a lot of“I dont know.”3Reactive responseT
12、heres only so much time in a day.Understaffed teams spend their time sifting through alerts and fighting fires,with limited time and resources to prevent issues from happening.Supercharge Your Digital Resilience|Splunk5The Path To Greater ResilienceSecurity SecOpsObservability ITOps,EngineeringFound
13、ational VisibilitySee across hybrid environmentsSearch and investigateTroubleshoot with log analyticsPrioritized ActionsUnderstand risk and performanceExpand monitoring,alerting and responseUnderstand service healthProactive ResponseGet ahead of issuesDeliver situational awareness and automationEnsu
14、re reliability of consumer-facing web applicationsOptimized ExperiencesDelight customers and build trustUnify threat detection,investigation and responseDeliver exceptional digital customer experiencesTaking the next stepDigital resilience is a journey.But the path is far from linear.And,it can vary
15、 greatly by organization size,mission and industry.So weve created a model to help your security,ITOps and engineering teams expand into new and complementary use cases across security and observability.Itll take you from getting visibility to being more prioritized and proactive,ultimately deliveri
16、ng trustworthy experiences for your end users and customers.In the following pages,well walk you through four steps towards greater digital resilience.Through the journey,youll learn how to help your teams overcome the complexities,threats and disruptions that come between you and your mission so yo
17、u can keep doing what youre doing,and keep doing it better.No matter what.Digital Resilience at Enterprise ScaleSupercharge Your Digital Resilience|Splunk6Below,we dive into the four key stages to help your organization achieve greater resilience across security,ITOps and engineering.Foundational vi
18、sibility See across hybrid environmentsWhat it is Resilience starts with end-to-end visibility.Organizations need to be able to see across their entire tech stack and processes at scale,so that ITOps and security teams can detect,investigate and fix problems before its too late.Why it matters When y
19、ou have foundational visibility,you can use your organizations data to answer questions concerning the end-to-end health and security of your IT environment.Instead of searching one application or tool at a time,you can string together different types of data from a number of different sources quick
20、ly finding,fixing and contextualizing issues before its too late.Foundational visibility bridges gaps across legacy,hybrid and multi-cloud environments,so teams can understand their data,wherever it resides.How to achieve it To develop foundational visibility,you need to be able to ingest,normalize
21、and index log data from across your infrastructure in order to quickly perform search and analysis.You should use a single platform that can process data from a range of tools,systems and applications,to better break down data silos and streamline operations.Make sure youre also thinking about optim
22、izing storage costs by smartly filtering and routing your data.Ensure you can search across distributed environments from cloud to on-prem.Case Study:Visibility from the store to your door Having eyes into store operations helps Papa Johns keep up with increased customer demand while empowering vita
23、l field operations.13K+stores monitored“Splunks sophisticated platform helps us measure the heartbeat of our system,connecting the dots between the millions of transactions going through our entire ecosystem.The end-to-end visibility into our environment via Splunk is crucial in our complex hybrid w
24、orld.”Sarika Attal,VP of Enterprise Architecture and Technology Services at Papa JohnsSupercharge Your Digital Resilience|Splunk7Prioritized actionsUnderstand risk and performanceWhat it is Nowadays,advanced organizations aim to empower teams to prioritize their actions.By understanding enterprise r
25、isk and getting a live real-time view into service health,your teams can focus on issues with the most potential business impact.Why it matters ITOps and security practitioners most precious resource is their time.Hundreds of daily alerts can constantly pull them in different directions on any given
26、 day,without a clear way to prioritize which ones matter the most.Knowing the magnitude or potential impact of a service degradation or threat allows teams to focus their work on the most important business critical services.How to achieve it Organizations should expand their monitoring,alerting and
27、 response capabilities in order to understand how threats and incidents impact business service health.They can use visualizations to quickly identify high-risk events,and map components of different services to understand interdependencies.Teams can also enrich and correlate alerts with context fro
28、m additional data sources so they can automate triage.That empowers practitioners to spend less time on non-actionable alerts and false positives.Case Study:Faster,smarter investigations and effective threat preventionSplunks dashboards help Check Point visualize the current state of its systems,and
29、 automated alerts notify them of any malicious activity or network vulnerabilities.The Global Chief Information Security Officer(CISO)at Check Point,Jony Fischbein,says Splunk also allows his team to quickly and effectively investigate potential harmful issues such as developers taking source code o
30、ut of the office,or a new vulnerability appearing in a product they use before they can cause any damage.25xfaster security investigations“We now know what to investigate and whether weve solved the problem.And not just because someone has a gut feeling about it.The data shows us for certain.”Jony F
31、ischbein,Chief Information Security Officer at Check PointSupercharge Your Digital Resilience|Splunk8Proactive responseGet ahead of issuesWhat it means To further build digital resilience,organizations are able to get ahead of issues and develop proactive response capabilities.These organizations ha
32、ve situational awareness and automation while simultaneously ensuring the reliability of consumer-facing applications.Why it matters The longer it takes to resolve an issue,the greater the potential impact.Organizations suffer from nearly 10 days of downtime per year,costing them an average of$87 mi
33、llion.Adversaries can remain undiscovered in your network with an average of nine weeks of dwell time.By becoming proactive,organizations can prevent some of these issues before customers ever notice,or before they impact the business.How to achieve it Teams can develop analytics using machine learn
34、ing to rapidly detect advanced threats or identify patterns that can lead to latency or errors.As a result,teams are able to reinvest more time in activities like threat hunting and improving their detections,or proactively exploring their data to find other opportunities to improve.Case Study:A thr
35、ee-times faster response time to security events Using real-time insights from Splunk,Carrefour now responds three times faster to security threats,making smarter decisions about preventing incidents.The team can now intervene during incidents before they cause damage to systems or affect customers.
36、In the event of a breach,it gathers information about what went wrong so it can improve its systems in the future.33xfaster threat response times“Splunk raises the alert,opens a ticket and contacts the on-call security operations center(SOC)analyst.Its the cornerstone of our security operations.”Rom
37、aric Ducloux,SOC Analyst at CarrefourSupercharge Your Digital Resilience|Splunk9Optimized experiencesGet ahead of issuesWhat it means Sophisticated organizations optimize experiences so they can delight customers and build trust.Their people,processes and tools enable them to achieve real-time risk
38、insights,delivering exceptional digital customer experiences.Why it matters When digital runs the business,experiences for end users matter.Customers abandon apps that take too long to load or experience data breaches,negatively impacting revenue and brand reputation.Meanwhile for internal users,ana
39、lysts can overlook critical details when their workflow is spread across disjointed tools.How to achieve it Empower teams with a unified view across all their tools that infuses insights and automation across their entire experience.Teams can orchestrate actions with playbooks that automatically tri
40、age and contain a malicious attachment from a phishing email.For developers,synthetic tests can highlight problems before the code is released,and user monitoring gives insight into the user experience along with any potential issues so that the code can be rolled back if and when needed.Case Study:
41、Frictionless ecommerce experience Throughout the years,Rappi has risen to customers expectations for speed and convenience from offering reliable performance for its mobile apps and website to delivering merchandise fast,often in under 30 minutes.Rappis mobile app development team strives to release
42、 new app versions every two weeks via a phased rollout.As each phase launches,Engineering Manager Jose Felipe Lopezs team keeps an eye out for issues,watching for any spikes in app crash rates.4300%growth managed with real-time monitoring during the pandemic“Were all attuned to the potential busines
43、s impact of app errors or poor performance,so were grateful that Splunk Observability Cloud helps us be proactive about reliability and resilience.”Jose Felipe Lopez,Engineering Manager at RappiSupercharge Your Digital Resilience|Splunk10Enter Splunk:The key to enterprise resilienceThe worlds larges
44、t organizations rely on Splunk for their mission-critical operations to ensure they keep their digital systems secure and reliable.Heres how Splunks Unified Security and Observability Platform can help your organization on its path to greater resilience.The security journeyWithout the right strategy
45、,security teams are flying blind.Suddenly,cyberattacks have the potential to grow into catastrophic events with serious ramifications for organizations both big and small.Even the largest,most profitable companies in the world have fallen victim to malware that might have been detected with a better
46、,more unified solution.But its not all doom and gloom(we hope).To tackle threats that loom large,the answer is to become digitally resilient the cornerstone of any organizations success and survival in the digital age.By starting or stepping up your organizations security practice and preparedness p
47、rogressing through each stage of the journey depending on their level of maturity and needs you can better prepare for all manner of threats,attacks,compromises and other adverse events.Armed with the right tools,capabilities and know-how,security teams are well positioned to monitor,detect and resp
48、ond to events before its too late,homing in on vulnerabilities across their security stack mitigating risk and plugging holes before irreparable damage is done.This is a world where threat detection and response happens faster.And where organizations become increasingly resilient as they expand into
49、 new cases not only to better protect their business,but to also accelerate growth.Supercharge Your Digital Resilience|Splunk11Splunk empowers the entire security journeyFoundational visibility Security monitoring,incident management and compliance Get full visibility to quickly detect malicious thr
50、eats in your environment.Build a foundation with Splunk Enterprise,Splunk Enterprise Security and Splunk Security Essentials for security monitoring,incident management and compliance.Prioritized actions Enhance alerting with threat intelligence and risk-based alerting Prioritize actions with 1,400
51、out-of-the-box(OOTB)detections that combine threat intelligence and machine learning models with risk-based alerting(RBA)to guide analyst efforts where theyre needed most.Proactive response Automate with security orchestration,automation and response Automate repetitive tasks,investigation and respo
52、nse to increase efficiency and productivity with Splunk SOAR.Optimized experiences Unify security operations Seamlessly detect,investigate and respond to threats using one unified security operations experience for your SOC with Splunk Mission Control.Supercharge Your Digital Resilience|Splunk12If s
53、ecurity is Batman,then observability is RobinBy now,it should be clear that adopting digital resilience is a journey.Wherever you are on the path,Splunk has the tools to take your observability practice to the next level.The average organization deploys dozens of tools to monitor different parts of
54、their stack.As teams adopt disconnected tools,they face:Blind spots Increased toilCascading issuesAll of these factors increase the likelihood that a critical signal like a failure,error or outage goes unnoticed.Downtime and outages cost organizations real dollars.How many?Way too many.The stakes ar
55、e high.According to Digital Resilience Pays Off,each hour of downtime costs about$365,000.To provide an uninterrupted customer experience,companies are forced to course correct more frequently.But it doesnt have to be that way.Before you sing your favorite sad country song,lets suggest a better way.
56、With a healthy observability practice,ITOps and engineering teams can lower the cost of unplanned downtime building digital resilience holistically and organically.A robust observability practice will tell you:1If theres a problem and where its happening.2Its impact on the business.3Why its happenin
57、g.4How to fix it.5Who can fix it.6How to prevent the problem in the future.Now,if all of that sounds familiar,its for a good reason.Splunk has always been in the observability business we just didnt call it that earlier on.When you think back to why Splunk was created,it was to help ITOps teams find
58、 needles across all of their haystacks and keep their apps and infrastructure up and running.If that sounds a lot like the digital resilience journey,then youre on the right path.Supercharge Your Digital Resilience|Splunk13Splunk empowers the entire observability journeyFoundational visibility Troub
59、leshoot with log analytics Accelerate troubleshooting with logs from Splunk platform.Use full fidelity data visibility from cloud to edge to reduce tool sprawl and eliminate data silos.Prioritized actions Understand service health Splunk IT Service Intelligence(ITSI)gives ITOps teams a single,live v
60、iew of business service health with glass tables and service analyzers so they can prioritize actions.Proactive response Ensure reliability of consumer-facing web applications Engineers can use AutoDetect and machine learning capabilities in Observability Cloud to identify unusual changes or anomali
61、es in infrastructure.Use application performance monitoring(APM)and infrastructure monitoring(IM)to quickly identify hotspots.Splunk On-Call routes incidents to the appropriate developers and site reliability engineers(SREs)sending incidents to the right people at the right time.Optimized experience
62、s Deliver exceptional customer experiences Splunk Observability helps optimize web,mobile and application performance with best in class digital experience monitoring solutions Splunk Synthetic Monitoring and Splunk Real User Monitoring(RUM).Supercharge Your Digital Resilience|Splunk14Unifying the j
63、ourneysPlanning and forecasting your maturity journey across security and observability often happens in a vacuum.This results in a number of inefficiencies,including data overlap,cost implications,process mishaps and more.For these reasons,organizations seeking a strategic approach to digital resil
64、ience should synchronize their efforts across security and observability.A unified platform provides comprehensive visibility across the hybrid and edge technology landscape,as well as powerful tools for investigation and response,at scale,with the added benefit of one journey accelerating the other
65、.How does a unified platform help in the real world?Lets bring this to life.Consider a website that goes down or has significantly degraded performance.Did it go down because of malicious traffic,misconfigured API updates or a real demand spike?Without using a unified security and observability plat
66、form,its often difficult and slow to tell.Security teams may start responding to a perceived attack only to discover that the problem should also be handled by ITOps or the engineering team.With Splunk,security,ITOps and engineering teams get solutions built for their specific needs as well as the b
67、enefits of a unified platform.By using Splunk for both security and observability,teams gain a shared view of data.A shared view with a common search language and tooling simplifies cross-team collaboration to proactively prevent issues from becoming major disruptions,absorb shocks from digital disr
68、uptions and accelerate transformation.Splunk,Splunk and Turn Data Into Doing are trademarks and registered trademarks of Splunk Inc.in the United States and other countries.All other brand names,product names or trademarks belong to their respective owners.2023 Splunk Inc.All rights reserved.23-252289-Splunk-Supercharge Your Digital Resilience-EB-111Ready to learn more?Find out how to protect your business and modernize your security and observability practice with Splunk.