The focus of this document is to highlight early threat detection
by using Splunk Enterprise and proactively start a cyber resilience
workflow in response to a cyberattack or malicious user action.The
workflow uses IBM® Copy Services Manager (CSM) as orchestration
software to invoke the IBM FlashSystem® storage Safeguarded Copy
function, which creates an immutable copy of the data in an
air-gapped form on the same IBM FlashSystem Storage for isolation
and eventual quick recovery. This document explains the steps that
are required
The focus of this document is to highlight early threat detection
by using Splunk Enterprise and proactively start a cyber resilience
workflow in response to a cyberattack or malicious user action.The
workflow uses IBM® Copy Services Manager (CSM) as orchestration
software to invoke the IBM FlashSystem® storage Safeguarded Copy
function, which creates an immutable copy of the data in an
air-gapped form on the same IBM FlashSystem Storage for isolation
and eventual quick recovery. This document explains the steps that
are required