Splunk Discovery Köln - 17-01-2020 - Accelerate Incident Response
Splunk
Presentation slides from Splunk Discovery held in Köln on January 17th 2020.
1.
© 2019 SPLUNK INC.
Splunk Incident Response, Orchestration and Automation
Splunk Discovery Köln, 17 January 2020
2.
Forward-Looking Statements
During the course of this presentation, we may make forward-looking statements regarding future events or plans of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results may differ materially. The forward-looking statements made in this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, it may not contain current or accurate information. We do not assume any obligation to update any forward-looking statements made herein.
In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only, and shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionalities described or to include any such feature or functionality in a future release.
Splunk, Splunk>, Turn Data Into Doing, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2019 Splunk Inc. All rights reserved.
3.
Beate Passul, Senior Sales Engineer
4.
Security Operations Practices Need to Change
Incident Response
• Too Many Alerts
• Not Enough Insights
Tools
• Too Many
• No Integration
Skills
• Attracting
• Training
• Retaining

• Orchestration & Automation
• Horizontal & Vertical Scale
5.
Incident Response Challenge
6.
Incident Response Takes Significant Time
Source: SANS 2017 Incident Response Survey
1-3 months, 2–7 days
• Time from Compromise To Detection
• Time from Detection To Containment
• Time from Containment To Remediation
7.
Where Does Your Time Go?
When working an incident, which phase generally takes the longest to complete in your organization?
Day in the life of a security professional survey © 2016 EMA, Inc.
8.
Time-to-Contain + Time-to-Remediate = 86%
When working an incident, which phase generally takes the longest to complete in your organization?
Day in the life of a security professional survey © 2016 EMA, Inc.
9.
Tools
10.
Poll #1
How many security tools and technologies does your company use?
• < 10
• 10–25
• 26–50
• 51–75+
11.
Tools and Technologies Galore
TOO MANY TOOLS
On average, organizations are using between 25 and 30 different security technologies and services.
Source: CyberSecurity Analytics and Analytics in Transition, ESG, 2017
12.
Skills and Scale
Orchestration and Automation
13.
Orchestration vs. Automation
Orchestration
• Security Orchestration is the machine-based coordination of security actions across tools and technologies.
• Brings together or integrates different technologies and tools
• Provides the ability to coordinate informed decision making, formalize and automate responsive actions
Automation
• Security Automation is the machine-based execution of security actions.
• Focus is on how to make machines do task-oriented "human work"
• Improve repetitive work, with high confidence in the outcome
• Allows multiple tasks or "playbooks" to potentially execute numerous tasks
14.
Poll #2
Do you use Security Orchestration Automation and Response (SOAR)?
15.
SOAR Maestro
[Diagram: a Playbook surrounded by App actions]
16.
Automation & Orchestration Adoption Growing
Source: CyberSecurity Analytics and Analytics in Transition, ESG, 2017
17.
Security Nerve Center Overview
18.
Security Nerve Center
Orient, Observe, Decide, Act
• Network
• Identity & Access
• Threat Intelligence
• Mobile
• Endpoints
• Cloud Security
• WAF & App Security
• Web Proxy
• Firewall
Analytics, Orchestration
19.
Splunk Security Portfolio
DATA PLATFORM, ANALYTICS, OPERATIONS
Platform for Machine Data
20.
Adaptive Operations Framework
Mission
• Deeply integrate with the best security technologies to improve cyber defenses and maximize operational efficiency.
Approach
• Gather, analyze, share, and take action using end-to-end context across multiple security domains.
Partner ecosystem enables the Security Nerve Center
Network, Identity & Access, Threat Intelligence, Endpoints, Cloud Security, WAF & App Security, Web Proxy, Firewall
Operations: Splunk Phantom Apps & Playbooks
Data / Analytics: Splunk Enterprise Security Adaptive Response Actions, Splunkbase Apps & Add-Ons
240+ Integrations / 1,200+ APIs
21.
Phantom Security Operations
22.
Operationalizing Security
Integrate your team, processes, and tools together.
• Work smarter by automating repetitive tasks allowing analysts to focus on more mission-critical tasks.
• Respond faster and reduce dwell times with automated detection, investigation, and response.
• Strengthen defenses by integrating existing security infrastructure together so that each part is an active participant.
With Phantom
Diagram labels: Automation, Event Management
23.
Automation
• Automate repetitive tasks to force multiply team efforts.
• Execute automated actions in seconds versus hours.
• Pre-fetch intelligence to support decision making.
Diagram labels: Automation, Event Management
24.
Orchestration
• Coordinate complex workflows across your SOC.
• 200+ Apps & growing
• 1000+ APIs
Diagram labels: Automation, Event Management
25.
Case Management
• Create case templates that replicate your SOPs.
• Manage your response to threats with precision.
• Embed automation within a case task.
Diagram labels: Automation, Event Management
26.
How it Works
Automated Malware Investigation
A Phantom Case Study
• “Automation with Phantom enables us to process malware email alerts in about 40 seconds vs. 30 minutes or more.” — Adam Fletcher, CISO
Diagram labels: SANDBOX, QUERY RECIPIENTS, USER PROFILE, HUNT FILE, HUNT FILE, FILE REPUTATION, FILE ASSESSMENT, RUN PLAYBOOK “REMEDIATE”, EMAIL ALERT
27.
Demo
35.
Splunk Phantom on your mobile device
• Phantom on Splunk Mobile brings the power of Phantom security orchestration, automation, and response (SOAR) capabilities to your mobile device.
• No need to open your laptop. Orchestrate security operations from the palm of your hand.
• Respond faster than ever before, because you’re reachable from anywhere.
• Run playbooks, triage events, and collaborate with colleagues – all on-the-go.
36.
Key Takeaways
Splunk offers options to accelerate incident response with orchestration and automation
1) Use Phantom with Splunk or Splunk Enterprise Security to accelerate Incident Investigation and Response
2) Use Adaptive Operations Framework to realize your security nerve center
3) Splunk offers market proven, comprehensive solutions for Incident Response
4) Use with all Security domains and related IT domains to solve incident response use cases and more
37.
Join our community
Get access to playbooks and app integrations
https://my.phantom.us
38.
Agenda
Splunk Discovery Köln, 17 January 2020
09:00–10:30 Keynote and Demo – The Data-to-Everything Platform
10:30–11:00 Break
Tech Track (Jupiter I+II) / Business Track (Saturn I+II)
11:00–11:45 Tech Track: Turning Data into Added Value with the Splunk Platform; Business Track: ROI in Data Projects (in English)
11:45–12:30 Tech Track: Adventures in Monitoring and Troubleshooting; Business Track: Customer Use Cases
12:30–13:30 Lunch
13:30–14:15 Tech Track: Security Analytics Methods; Business Track: The Future of Security Operations
14:15–15:00 Tech Track: Splunk Incident Response, Orchestration and Automation; Business Track: The Future of ITOA – from Monitoring to Observability
15:00–15:30 Break
15:30–16:15 Customer Use Case: TÜV Trust IT
16:15–17:00 Networking Drinks
39.
Thank You