Security

Splunk Debuts New Security Tool for Ransomware

• By Joshua Bolkan
• 06/28/17

Splunk has launched a new analytics tool for managing ransomware attacks, Splunk Insights for Ransomware.

The new tool is designed to provide smaller organizations insight to assess and investigate potential threats and augments existing security tools by helping to identify gaps before and after attacks and ingesting event logs from various sources. Insights for Ransomware offers the operational intelligence tools of the company's Splunk Enterprise with pricing based on the number of user accounts monitored for ransomware.

"Northwestern University uses Splunk software to help our security team detect threats so we can deliver consistent services and protect critical data for staff, faculty and students," said Tom Murphy, CISO at Northwestern University, in a prepared statement. "Splunk enables us to search for threat indicators across our systems on the fly, without having to generate cumbersome reports or manually sift through data in source systems. With Splunk our security analysts can pivot and view new sets of data from a single source as investigations evolve. In the case of WannaCry, we used statistical models and visualizations from Splunk Enterprise to maintain a comprehensive, real-time view of network activity that might be associated with ransomware, to help detect and prevent any damage from occurring."

More information is available at splunk.com.