Author: Kelly Cooke

Top Five Actions to Improve Your Cyber Security Posture

The current state of Australian security breaches has thrown organisations into chaos and disarray. Australia is currently 5th in the World for cybercrime density, and 11th in the World for the average cost of a data breach ($4.5m). However, most of these breaches could have been avoided had basic cyber security hygiene been implemented.

If implemented correctly, the five items detailed below will give your organisation a fighting chance when, not if, attackers attempt to breach your networks and applications.

1) Know Your Attack Surface

You can’t defend what you don’t know exists! Before you can start defending and monitoring your networks, applications and staff, you must first identify all the assets and areas of risk that make up your overall attack surface. Ensure that you undertake daily discovery scans and conduct a gap analysis of newly discovered assets.

Additionally, it is important to ensure that your asset management system is updated regularly, all newly identified assets are added to your vulnerability management program, and those security assessments are carried out routinely.

It should go without saying that these activities should be undertaken against your Internet-facing and internal, corporate assets.

2) Secure the Network Perimeter AND the Perimeter Endpoints

The saying “the endpoint is the perimeter” has become a marshalling slogan in recent times. Unfortunately, it is quite true.

Gone are the days when the network firewall was the only point of focus for security controls. Client-side attacks are often used to circumvent perimeter controls by targeting end users directly. Endpoint Detection and Response (EDR) security controls are now a ‘must-have’ to defend against these attacks.

On the flip side, attackers continue to relentlessly target web applications and cloud platforms. Next-Generation Firewalls (NGFW) and Web Application Firewalls (WAF) are great security controls to better secure your network perimeter.

It is critical to ensure that your Internet-facing systems are security hardened! This includes implementing Multi-Factor Authentication (MFA) and a SIEM (Security Information and Event Management) to keep a watchful eye over all of your infrastructure systems and applications.

3) Perform Routine and Comprehensive Security Tests

Penetration testing has become a multi-billion-dollar industry. However, most “penetration tests” are nothing more than vulnerability scans in sheep’s clothing. It is important to implement a multi-level security testing program to provide the best insight into the security risks affecting your systems. This includes

  • Daily Vulnerability Scanning.
  • Monthly Social Engineering (Phishing) Campaigns.
  • Quarterly Penetration Testing against your networks, applications, and cloud platforms.
  • Yearly Red and Purple Team assessments.

However, this should only be the beginning. Ensure that you have implemented a robust vulnerability management program so that all findings from these engagements are being addressed and remediated promptly.

It is critical that vulnerability scanning and routine penetration testing should be performed at a minimum, even if you’re on a budget. Oh, and don’t forget to rotate your service provider for these engagements.

Complacency is a killer!

4) Develop and drill your incident response capabilities

“Everybody has a plan until they get punched in the mouth.” – Mike Tyson

All Incident Response (IR) capabilities should always be routinely refined and tested to maintain their effectiveness, in the same way as sharpening a sword. This approach is critical to putting an organisation in the best possible position to combat the next attack threatening the business. This can be best broken down into three pillars; people, process, and technology.

  • People need to be appropriately trained.
  • Processes need to be in place and routinely tested (including policies and IR playbooks).
  • Technology needs to be deployed to ensure the best systems are in place to respond and defend against cyber attacks.

All three pillars should be reviewed and updated every six months to ensure they are still relevant to the business context and aligned with industry-standard best practices. A fantastic way of performing a simulation for your Incident Response capacities is to routinely undertake Purple Teaming assessments. After all, how do you know your sword is sharp unless you use it?

5) Train your Army

An untrained army will lose every battle, every time. Cybersecurity training is often seen as an expenditure as opposed to an asset. A well-trained Blue Team can save an organisation millions of dollars when a security breach occurs.

Cybersecurity training should always be approached from multiple angles.

  • Technical training for all IT Staff, including engineers and analysts.
  • Cyber security awareness training for all staff.
  • Specific awareness training for high-value targets such as CEOs and CFOs.

Remember that while cyber security training is important, it is just as important to put the training to the test by performing in-house drills. There are several budget-friendly alternatives to the big service providers, which can include web-based training providers or even implementing a train-the-trainer style approach. Now, go drill, drill, drill, soldier!

Although the five points above do not account for every approach you can take to harden your company’s security posture, it is a great starting point to ensure you don’t become the next news headline

Manual Security Testing vs Automated Scanning?

The art of penetration testing has evolved over the years. What began with testing arrows on armour, has now become testing tools and techniques on systems and applications. Without a doubt, we are still mostly using manually driven techniques, however this can be slow, cumbersome, and subject to the human element which can result in faults and missed opportunities.

Over the last decade or so, tools to aid and automate security testing have rapidly entered the fray and are increasingly taking the burden off some of the more time-intensive tasks in the cyber security sphere, such as scanning, brute-forcing, or even full-fledged attacks commanded with single line commands. Tools such as BurpSuite, Nmap, SQLMap, Metasploit, and Nessus, among many others, have certainly sped up the discovery and exploitation of vulnerabilities, allowing more in-depth testing within often limited test windows.

Looking at the bounty of tools available to us, you may start to wonder why manual testing is required anymore. Here is a quick rundown on some of the benefits and disadvantages of both, and how using both on engagements, big and small, can be greatly beneficial.

Manual Testing – The Old Reliable

Manual testing, simply put, is the act of using little to no automation for tasks. A great example of this would be the manual exploration of a website while data is being captured by BurpSuite, where the tester can manually analyse the headers and requests as its own task later, rather than immediately after every click.

Manual testing also extends to the exploitation stage of an engagement, where the tester may need to utilise very specific commands or customised scripts to achieve the desired result.

While manual testing can be very meticulous, and provide a detailed and deep understanding of the subject of the test, it can be very time-consuming, possibly taking days longer than an automation-driven test. There are some vulnerabilities that just simply can’t be automated entirely, or are very prone to false positives if automated, and therefore will require further investigation, possibly using more time than if done entirely manually from the beginning.

Some examples of vulnerabilities that require manual testing to correctly identify and safely exploit are:

  • Social Engineering
  • Access Control Violations
  • Password Spraying and Credential Stuffing Attacks
  • SQL Injection
  • Cross-Site Request Forgery (CSRF)

Another advantage of manual testing over automation is the ability to find, and use, newly or not yet discovered zero-day exploits, which can take a significant amount of time to be implemented into commonly used tools.

Automated Testing – The Shiny New Tools

Automated penetration testing is really what is written on the package – it is the process of utilizing automation tools, such as applications, platforms, and scripts, rather than the expertise and efforts of a human tester. It can be significantly cheaper and far more time efficient (which also adds to cost efficiency) than manual testing by one or more human ethical hackers.

Automation tools can perform actions such as content discovery, vulnerability analysis, and brute forcing, in a matter of minutes or seconds, where it could take a manual tester hours or days to get the same results. Automated tools, namely scanning, can be left to run in the background while manual testing is also performed, or set to periodically scan for issues, such as Tenable Nessus keeping an eye on things and providing reports at set intervals or upon request.

When it comes to regular penetration testing, companies factor in cost, and it can be rather expensive to hire human penetration testers for regular tests or as in-house, so it can be more cost-effective to have automated tools do the day-to-day, then infrequently have a human run further tests and analysis.

There is no doubt that automation is the way of the future, and will continuously improve; however, there are many tasks that are best suited to manual testing, either due to the simple inability to automate or due to the hassle of false positives (and false negatives).

Another advantage to automation is consistency, in both its actions and results, and with the reporting at the end. As the scans and processes run are mostly, if not entirely hands-off, there is less room for human error or deviation, and therefore don’t require a highly trained expert to perform the required tasks, which ultimately can save money for the organization. Automation, however, is often unable to fully assess a threat and how it can impact you in context to your application, platform, infrastructure, network, or organisation as a whole, which is something a sufficiently trained human penetration tester can do, and make new actions accordingly. A vulnerability that may be picked up and reported as a low finding by an automation tool, could have much more critical consequences when chained with other low, or even informational, vulnerabilities.

So, what’s better? A manual or automated approach?

Simply put, both manual and automated testing methods have their place, and should always be used in penetration tests of all kinds. The level of detail and effectiveness provided by manual testing is unsurpassed, as well as contextual reporting and risk analysis that simply cannot be provided by even the best automation tools on the market. However, where speed and consistency of tasks are concerned, automation wins without question.

Although both methods can provide you with a satisfactory outcome in terms of vulnerability identification, what is best for your organization will come down to what level of detail and quality your organisation requires, the frequency of the tests, and the cost factor.

Ultimately, a combination of both manual and automated testing is the best way to get the highest quality outcome of a penetration test, with the most efficient use of time and money, to bring you a greater assurance of security and peace of mind that your assets are secure from malicious attack.

Have You Considered “Swinging” With Your Pen Testing Provider?

Have you been in a long-term relationship with your existing penetration testing vendor?  

Starting to feel like it’s time to ‘spice things up’ a bit?  

It’s easy to settle into a partnership with a vendor that you’ve got to know, they’ve got to know you along with the more intimate details of your business, and all of the ‘skeletons in your closet’.  It takes time to build that level of trust and knowledge of your organisational context.  

Recently however, there has been a whole lot of whispering behind hands, and new security best practice guidelines being circulated, which suggests that a good cybersecurity strategy should involve regularly changing or rotating your chosen pen testing vendor.  There are a number of reasons to consider the idea of “swinging” with your current pen testing provider.

You Don’t Know What You’re Missing Out On…

Familiarity breeds complacency.  And complacency deprives people of opportunities and brings growth to a standstill.  

If you’re not trying something new, you will always have reasonable doubts that your current vendor might be missing something when it comes to testing methods, skillsets or risk prioritisation. A different pen tester may have slightly different methodologies which could potentially unmask a previously unidentified vulnerability.   They may also report on vulnerabilities in a different way to what you have got used to – and who knows, you might just prefer it that way.

No Pleasure Endures Unseasoned By Variety…

No two pen testing companies are the same.  They come in differing sizes, they come with differing areas of expertise, differing levels of expertise, differing certifications, knowledge of particular industries, the list goes on.  By rotating partnering companies with varying skills, you can take advantage of each vendor’s proclaimed “specialist knowledge” to hedge your risk, and ensure you have the most appropriate pen tester for every engagement.

Rev Up The Relationship With A Little Healthy Competition

Changing up or rotating your pen testing vendors should not become a cut-throat activity, however there are some positive benefits that come with a little healthy competition.  The incoming testing partner will have the motivation and desire to please, they will be going the extra mile to deliver an improved outcome for you.  This, in turn, may drive a boost of creativity and innovation from your existing vendor, who will want to make sure the sparks are still flying, and you still recognise the value that they bring to the relationship.

As with all good relationships, new and existing, being open and transparent about what you’re looking to get out of the partnership is the key to a successful journey.  

At the end of the day, maximising your security posture is the number one goal, and if that means playing the field to see what else is out there, that may ultimately be the best decision for your organisation.  

It doesn’t mean you have to say “Au Revoir” to your long-term pen testing partner. It could simply be time to introduce a fresh perspective into the equation.  

JDS are keen to get in on the action.

JDS Australia Named 2022 Splunk APAC Services Partner of the Year

JDS Australia announced today it has received the 2022 APAC Services Partner of the Year for exceptional performance and commitment to Splunk’s Partnerverse. The APAC Services Partner of the Year award recognizes an APAC Splunk partner that is actively engaged in services implementations, in addition to having a strong commitment to training and certification of their organisation.   

“We’re thrilled to be awarded the 2022 APAC Services Partner of the Year.  I’m so proud of our team for the recognition, as it is a clear demonstration of their tireless commitment to being the most knowledgable and experienced Splunk partner in the region,” said Brian Grant, JDS Splunk General Manager. “We value our ongoing partnership with Splunk and look forward to another successful year of collaboration.”

“Congratulations to JDS Australia for being named the 2022 APAC Services Partner of the Year,” said Bill Hustad, Vice President of Alliances and Channel Ecosystems Splunk. “The 2022 Splunk Global Partner Awards recognize outstanding partners like JDS that drive positive business outcomes, as well as help our joint customers leverage Splunk to solve their challenges. Additionally, JDS works in collaboration with Splunk and shares our customer-first mentality.”

The Splunk Global Partner Awards recognize partners of the Splunk ecosystem for industry-leading business practices and dedication to constant collaboration. All award recipients were selected by a group of the Splunk executives, theater leaders and the global partner organisation. 

What It Means To Be CREST (Intl) Accredited

Anyone with a computer and an Internet connection can set themselves up as a penetration testing or cyber incident response service provider.  These could include irresponsible organisations that do not have in place policies, processes and procedures to ensure quality of service and protection of client based information.  The individuals employed by these companies may have no demonstrable skill, knowledge or competence in the provision of security testing.

CREST is an International not-for-profit accreditation and certification body that represents and supports the technical information security market. CREST requires a rigorous assessment of business processes, data security and security testing framework to demonstrate a level of assurance that the information security methodologies used can competently and securely provide customers with a robust assessment of their cyber security posture.

As a result, CREST only provides accreditation to highly trusted professional services organisations, and their employees who provide the often sensitive and high-risk penetration testing, cyber incident response, threat intelligence and security operations centre services.

All CREST accredited member companies are required to submit policies, processes and procedures relating to their service provision to provide added assurance for the buying community.  These policies, processes and procedures include:

  • References for certified individuals
  • Assignment preparation and scope processes
  • Assignment execution processes
  • Technical methodology
  • Reporting templates
  • Data storage and Information Sharing policies
  • Post technical delivery methodologies
  • Asset/Information/Document storage, retention and destruction processes

The buying community needs to be in a position where it can procure services from a trusted company with access to demonstrably professional technical security staff.  CREST provides the buying community with a clear indication of the quality of the organisation and the technical capability of staff they employ.

JDS is a proud CREST (Intl) accredited member company who can confidently provide our customers the added reassurance that our services meet the highest professional and security standards.

Five Reasons Why Your Organisation Should Be Penetration Testing

Modern businesses require an advanced approach to security and due diligence.  Having anti-virus software and a firewall is no longer an efficient strategy to prevent highly sophisticated security attacks which can result in irreversible damage to your organisation.

A professional penetration testing service is the best way to identify the strengths, weaknesses and holes in your defences.  Read on to uncover the five best reasons why your organisation needs penetration testing.

1. Protect Your Organisation From Cyber Attacks

Reports of cyber crime within Australia have increased nearly 15% each year since 2019, with the average reported financial loss per successful cybercrime incident being $50,673. Regardless of your organisational size or sector, cyber criminals view every business as a potentially exploitable prospect. The internet is continuously being scanned in search of vulnerable systems.  Carrying out penetration tests will enable you to identify vulnerabilities that are most likely to be exploited, determine what the potential impact could be, and enable you to implement measures to mitigate or eliminate the threat.     

2. Identify and Prioritise Vulnerabilities

Put simply, a pen test will uncover all of the potential threats and vulnerabilities that could damage your organisation’s IT assets.  The resulting report prioritises these vulnerabilities from low to critical, and further categorises them by likelihood and impact.  This gives your team a clear picture of your security posture, and the opportunity to mitigate the greatest threats first before moving on to less risky ones.

3. Stay Compliant With Security Standards and Regulations

Regular penetration testing can help you to comply with security standards and regulations such as ISO 27001 and PCI.  These standards require company managers and system owners to conduct regular penetration tests and security audits to demonstrate ongoing due diligence and maintenance of required security controls. Not only does pen testing identify potential vulnerabilities, ensuring that you are protecting your customers and assets, but it also helps to avoid costly fines and fees connected with non-compliance. 

4. Reduce Financial Losses and Downtime

Recent studies have reported that the average financial impact of a major data breach in Australia is around $3.7million per incident.  This takes into account expenditures on customer data protection programs, regulatory fines, and loss of revenue due to business operability.  System downtime is incredibly costly – the longer your system is down, the more exorbitant the cost.  A penetration test is a proactive solution to highlight and fix your system’s most critical vulnerabilities, and ensure your team are ready to act if your systems were to go down unexpectedly. 

5. Protect Your Reputation and Company Loyalty

Consumers are extremely quick to lose trust in companies and brands, and all it takes is one security breach or data leak to tarnish your reputation.  Customers and partners of your organisation want to know that their private data is safe in your hands, so it is in your best interest to be aware of any vulnerabilities which may put the company’s reputation and reliability in jeopardy.  

This is just a handful of reasons why organisations should carry out regular penetration tests, but there are many more.  Connect with JDS to discuss your pen testing needs and get a full scope of work customised to your requirements.

JDS and the GO Foundation

The Go Foundation is an inspiring organisation empowering young Indigenous Australians by providing scholarships from primary school through to University.

Co-founded by Adam Goodes and Michael O’Loughlin in 2009, the foundation offers mentoring, leadership, networks and support to GO students on their journey to employment.

JDS is immensely proud to have committed to donating $30k to the GO Foundation over the next three years.

It is an organisation that really resonates, as we recognise the vital importance of ensuring that all Australians have equal opportunity to participate socially, culturally and economically.

Extensive research has revealed that the completion of further education by Indigenous Australians can lead to increased earning capacity, greater employment opportunities, improved health and wellbeing outcomes, and reduced interaction with the justice system. The benefits that can come from Indigenous Australians going further beyond high school with their education can stretch beyond improving and enriching the lives of Indigenous communities – they can benefit everyone.

Positive enabling factors that are likely to increase Indigenous participation in further education include enhancing the quality of school experience for Indigenous students to ensure that culture is recognised, and the aspirations of each student is developed. Additionally, providing access to career advice and guidance, and information on the various choices and pathways available for Indigenous students is linked to increasing the quality of the school experience for Indigenous Australians.

The GO Foundation’s scholarship program provides financial assistance, tools and resources for Indigenous students to ensure their journey through school is rich and rewarding, and a broad range of career options, work experience and paid internships ensures the assistance continues well after the scholarship has ended.    

We hope that by dedicating our long-term support, we are contributing to generational change and opportunities for many students for many years to come.

Mastering Modal Dialog Boxes

Modal Dialog boxes are a great way to enhance the user experience and provide more detailed feedback to users than a default browser popup.

Recently, we had a challenging set of requirements from a customer. They needed a bunch of mandatory fields (easy enough with UI Policies) but there was a twist—they needed:

  • Fields that were mandatory ONLY if the person wanted to send the record for approval
  • Four fields but ONLY one of the four is mandatory (ie, put data in any one field and all four are good to go)
  • There had to be at least one record in a related list

Modal dialogs are awesome!

We developed a simple approval dialog box for a UI action to cater to these requirements. It’s a good example of how complex requirements can be distilled into a simple solution.

Have fun and happy coding!

5 Ways uberAgent Measures Your Employee Digital Experience

Measuring employee digital experience is a great way to assess how well your systems are performing. With the move to working from home there is now greater importance in making sure your IT services can support multiple device types and varying network conditions. This scenario is where uberAgent shines.

uberAgent is a user experience monitoring and endpoint security analytics product that integrates with your Splunk environment. uberAgent provides rich details on user experience whether they are on a Mac, PC, Surface, or virtual desktop like Citrix or VMware.

Here are 5 ways uberAgent can help you evaluate your employees’ end-user experience – and troubleshoot any issues.

Logon Monitoring

A logon is your first chance to make a good impression. No one likes to wait, so when users start to complain of slow logon times you need access to everyone’s details to understand what is going on. uberAgent for Splunk captures everything you will need, giving you everyone’s logon time, and where that time is being spent. You can review the details for a group of users, or drill-down to one specific user.

Logon time is broken down by the shell startup, group policy processing, profile loading, and group policy and AD logon scripts. You can compare users with different characteristics to help identify where time is being spent. If your group policy is taking too long for some users, you can drill down to see how much time each policy is taking. 

Logon Monitoring dashboard

Application Usage

Measuring the user experience of applications can benefit both application owners and end users. If users are reporting slow performance, it is important to understand what is happening on the system. Is performance poor due to the user’s memory or CPU? Is storage or bad network connectivity the issue? Could it be slow because of the many tabs open in their web browser? Or is the issue firmly with the application?

uberAgent will give you a clear picture of what is happening on each user’s device. Comparing all users can provide insights into how applications are performing throughout the day. You can view details about crashes, load times, memory/CPU/disk usage, network connectivity problems, and even understand how often the app freezes.

There are many other benefits to getting a full catalog of deployed applications. uberAgent tells you which applications are installed, and which of those are used. You can understand how many licenses will be needed for an application, and plan purchases and upgrades around usage.

Application Performance dashboard

Network Monitoring

A user’s internet connection can play a large role in the perceived performance of applications.  When users are working remotely, they may not always have access to high-speed internet connections. With uberAgent’s network monitoring capability you can easily see how much data is being transferred, to where, and exactly how long that took. Built in dashboards can show you connectivity issues broken down by user or application. You can separate latency issues in Citrix sessions and latency in Citrix hosted applications, helping identify if the user’s connection or an issue at the data centre is the cause.

Network Communications dashboard

Browser Application Experience

With the shift to cloud and web-based UIs, it is important to include web application performance in measuring overall user experience. With plugins for Internet Explorer, Firefox, and Chrome, uberAgent can delve into the browser experience without needing any code changes to the monitored apps.

Details about page load times, render time, network communications, errors, and more are available by application or web page. Measure the performance of web-based apps whether they are hosted internally or available in the cloud.

The light-weight plugin is a trusted solution with over 600,000 downloads in the Chrome store.

Browser App Performance dashboard

Experience Score Dashboard

Individual metrics are useful for troubleshooting individual issues. To get a clear picture of the overall user experience, uberAgent creates a single user experience score. The experience score is a single view that shows the current and past status of all devices, applications, and users monitored by uberAgent. It allows for proactive monitoring of your environment, reducing downtimes and costs.

The trend of this score can let you know how the user experience is going, and allow you to compare scores across different days, users, or applications.

The experience score dashboard calculates and visualises experience scores for the entire userbase, breaking the data down by category and component, highlighting components where potential issues are originating from. The dashboard also provides quick access to important KPIs like logon duration, application responsiveness, and application errors.

Experience Score dashboard

These five benefits are just the start – uberAgent has many more features built in. With the flexibility of the Splunk platform you can even extend the dashboards, alerts, and reports to suit your own requirements.

JDS has extensive experience successfully configuring uberAgent for our customers. JDS is a gold partner of uberAgent, so we can install, configure, and provide you with licenses. If you would like to take advantage of the impressive user experience monitoring capability of uberAgent, get in touch with JDS today.

JDS Appoints John Banks as National Sales Director

JDS Australia has appointed former IBM and Micro Focus executive, John Banks as the National Sales Director.  John will be responsible for all aspects of growth and customer success for JDS, reporting to Managing Director, John Bearsley.

“We have undergone a major realignment of JDS towards a practice model,” Bearsley said.  “In this new role, John will add a new edge to the team, bringing new names to the organisation, whilst expanding or engaging with our loyal customers.  He brings a wealth of industry and business growth experience to the JDS team.”

John Banks has over 35 years of ICT industry and management experience across 40 countries.  As Vice President for GBM Software in Dubai, he managed teams throughout the Middle East.  He has held IBM executive positions over 16 years in outsourcing and software divisions across Asia Pacific, and most recently served as Sales Director for Micro Focus here in Australia.

“In the current climate of ‘onshoring’, Australian companies need partners that they can rely on for delivery, but they also need trust,” said Banks. “Being an Australian-owned company staffed entirely by Aussies, JDS is now perfectly positioned to build upon the history they have developed with their customers over the last 17 years.  I am very excited to have the opportunity to be a part of this next phase of JDS’s story.”

Implementing Salesforce monitoring in Splunk

The problem

A JDS customer embarked on a project to implement Salesforce to provide their users a single user interface to fulfil their customer needs.  Their aim, to make the interface easy to use and reduce the time to process customer requests.  At the same time, the business had to ensure that their customer data stored in Salesforce was secure and to be able to detect any malicious use.

The Solution

Implementing Splunk with the Splunk Add-on for Salesforce enabled the collection of logs and objects from Salesforce using REST APIs.  This in turn, enabled proactive alerting and the creation of informative dashboards and reports to satisfy the business’ security requirements.

Scenarios detected:

  • Failed or unusual login attempts (same user tries to login from multiple IP addresses)
  • Large amounts of data extracted from Salesforce
  • Unauthorised changes in Salesforce configuration such as Connected Apps settings or Authentication Provider settings
  • Integration user account activity occurring outside of scheduled job runs
  • Privileged user activity
  • Apex code execution

All of this was achieved by setting up the required data inputs via the Splunk Add-on.  Creating lookups to enhance the alert content with meaningful information and macros for re-usability and ease of administration, then adding alerts to ensure the required conditions were notified to the operational support teams.

Splunk dashboards and reports built on Salesforce data allowed the business to easily view login patterns and analyse EventLog events and Setup Audit Trail changes.  Additionally, Salesforce data ingestion and alert summary dashboards were added to assist the support team to identify issues or delays in data ingestion as well as review the number of alerts being generated over time.

When developing any application that provides access to secure information, it’s important to not only monitor in terms of user experience, but also look at security aspects. Our customer was able to satisfy the security monitoring requirements of the business with the Splunk Add-on for Salesforce and achieved their go-live target date. The configured alerts will keep them informed of any potential security issues, giving them confidence that the platform is secure. The accompanying dashboards provide an intuitive summary of user actions, all backed by an extended data retention policy in Splunk to satisfy regulatory compliance. With SalesForce data now available in Splunk, they are planning additional use cases to not only monitor security, but get insights into how the platform is used by employees.

Why choose JDS?

JDS has experience and expertise in bringing SalesForce application data into Splunk . If your focus is on security, performance, or custom monitoring, speak to JDS today about how we can convert your SalesForce data into useful insights.