IRI Reveals Data-Centric Security Insights in Splunk SIEM Software
Database Events and Exposed Dark Data Meet Cloud Display, Alert, and Response
Melbourne, FL - April 9, 2019 - Innovative Routines International (IRI), Inc. (www.iri.com), a leading provider of big data management and data-centric security software, has recently documented new options for Splunk Enterprise Security (ES) users interested in spotting and fixing discrete data at risk in disparate data sources. In blog articles just published, IRI shows how users of the Splunk ES Security Information and Event Management (SIEM) environment can leverage static or streaming information from different search and remediation log data in the IRI Chakra Max database firewall, or IRI’s static data masking products like DarkShield.
“The addition of granular details about where sensitive data is, and whether it’s been protected or not is very important for DBAs, data security governance (DSG) architects, and compliance officers,” observed IRI Data Software and Services Director Lisa Mangino. “Beyond the logs and reports in IRI products, having that data indexed and available in Splunk puts powerful analytic, dashboarding, and action mechanisms in play, and in the cloud” she added.
For example, when personally identifiable information (PII) and other sensitive information is queried or accessed in databases, Chakra Max can monitor, block, alert, and record that activity. Chakra Max also records those details and makes them available through real-time searches and reports. However, that data can also be sent to Splunk through real-time files and syslogs, ready for Splunk ES to use in custom dashboards, join other-event alerts, etc.
Or, when PII sits unmasked in unstructured files like email archives, PDFs and Microsoft documents, images and other “dark data” files, IRI DarkShield can also report and graph its search and masking results in files and dashboards. But by directly indexing, or automatically forwarding, that same log data to Splunk ES, it is possible for Splunk to analyze it in displays, and use it to create alerts and take action through the Splunk Adaptive Response Framework.
About IRI, The CoSort Company
IRI, Inc. is a leading US data management and protection ISV founded in 1978 and represented in 40 cities worldwide. Uniquely fast and versatile IRI data movement and manipulation engines -- and their Eclipse data and job control IDE -- provide highly price-performant and versatile data lifecycle solutions for BI/DW architects, data security and governance officers, DBAs, et al.
Splunk Inc. (NASDAQ: SPLK) helps organizations ask questions, get answers, take actions and achieve business outcomes from their data. Organizations use market-leading Splunk solutions with machine learning to monitor, investigate and act on all forms of business, IT, security, and Internet of Things data. Join millions of passionate users and try Splunk for free today.
Press inquiries to:
Craig Schein (firstname.lastname@example.org)
IRI, The CoSort Company
+1 800-333-SORT, ext. 229