Gary Hayslip is the Deputy Director and CISO of the City of San Diego. Before implementing Splunk, the city lacked visibility and coordination across its IT systems. Splunk has provided the city with end-to-end visibility across its 24 networks and 40,000 endpoints. It uses Splunk for security reporting, threat detection, application management, analytics, and dashboards. Splunk has helped the city detect threats faster, improve operations, and protect critical data. The city plans to continue expanding its use of Splunk across departments to improve security and operations.
2. About the City of San Diego
• “America’s Finest City”
• 8th largest U.S. city
• 11,000+ employees
• $4 billion business
• 1.5 Million Citizens
• 24 Networks
• 40,000 endpoints
• 4 million attacks per week
3. About Me
• Chief Information Security Officer (CISSP, CISA, CRISC, CCSK)
• Background in DOD and US Navy
• Responsible for developing and executing city-wide security strategy
• Creating “risk-aware” culture that protects city and personal information resources
I am a World of Warcraft gamer
Favorite Splunk T-shirt – “Taking the SH out of IT”
4. Before Splunk: Chaos
• No visibility, no coordination, no control
• IT was outsourced to a city-owned non-profit
• No documentation; no strategic plan
• Lacked insight into networking, data analysis, and who was doing what
• No security operation center; the security of the networks was uncoordinated.
• Business impact
• Inefficiencies from too many networks and disparate technologies duct-taped together
• Extreme vulnerability to cyber threats
• Voters were insisting on managed services
“Nothing was documented and there was no strategic plan. It was like the Wild, Wild West and the city was just throwing money at issues.”
5. Choosing Splunk
• Selection criteria:
  • Prior experience and knowledge
  • Good ranking on Gartner
  • Able to handle our massive data streams on one platform
  • Strong track record of interfacing smoothly with other products (we have 26+)
• Success meant bringing together disparate systems and data into one integrated, managed platform “Visibility = Action”
• Splunk expands to meet evolving needs
“Based on Splunk’s track record, I wasn’t interested in anybody else.”
6. Splunk at City of San Diego
• 100 GB license for production
• Splunk Enterprise Security
• 33 Splunk environments
• 1 clustered indexers, 25 forwarders
• 24 networks, a billion packets/month, 40,000 endpoints, petabytes of data
• 90% of the SOC owned by city, 10% by service provider Atos
25 Universal Forwarders
1 Indexers
1 Search Heads + 1 Deployment Servers
7. Use of Splunk at City of San Diego
Data / Log Visibility
Application Management
Security Reporting
Threat Detection
Analytics / Dashboards
8. End-to-End Visibility
• We now route all logs and manage multiple data sources and apps on one platform (Tenable, ActiveDirectory, networks audit server)
• We have visibility into our operations to function effectively
• Achieved audit capability and intel into our networks (Varonis tool, Netskope, Netwrix)
• With Splunk, we can create dashboards for any function and see information in real time
“Splunk has the ability to slice and dice the information to give us the visibility we need.”
9. Security Reporting
• Splunk supports our large data volume (100GB/hour, 1 Billion packets/month → adds up to a petabyte of data)
• Security dashboard opens visibility across the network & shows management “what’s going on today in cyber”
• I can translate the ton of paperwork on my desk into building meaningful metrics
• Visibility lets us protect the perimeter to its “BYOD” end points
“Security goes beyond my perimeter, which is no longer just the firewalls; it’s the bank of mobile phones my employees are walking around with.”
10. Threat Detection & Response
• We experience 4 million attacks/week (including international countries & “hacktivists”)
• With Splunk Enterprise Security, we:
  • Detect, investigate, scope and respond to threats
  • Quarantine dangerous files in minutes
• When Mayor’s office hit with TeslaCrypt attack, we:
  • Detected and had machine off network within 20 minutes
  • Quickly protected critical folders (treasury, fire depts)
  • Completely remediated and got back up and running in 3.5 hours (prior, would have taken several days)
“After a TeslaCrypt attack, we identified the affected machine and pulled it off network in minutes.”
11. Application Management
• We manage 26 apps and plug-ins in Splunk
• Able to interface with components like:
  • Nessus
  • Tenable
  • Varonis
  • Cisco
  • ActiveDirectory
  • SCADA, ICS networks
• For our diverse needs, there was no other choice
“Splunk was the right size Lego in the box for the puzzle we are building.”
12. Analytics, Dashboards, Reports
• Splunk gives us (multiple teams) a single pane and point of access for our data
• Dashboards and reports to give full views across the environment are in progress
• Able to view employee use of city data on cloud solutions (mobile device, cloud storage)
• Future projects - see analytic reports on public operations and functions (emergency teams, stop lights, traffic)
• Reports drive more effective business management decisions and practices
“I can show my mayor and COO how many attacks we’ve blocked, how many tickets we’re handling, what’s going on across the network.”
13. City of San Diego Use Cases
Daily Operations
Network Behavior Analytics
Continuous Monitoring
Data Governance
14. Users Across City of San Diego
Enterprise networks
HVAC systems
Libraries
Police and fire departments, 911 dispatchers
Financial, medical (HIPAA), PCI data
GPS networks
Sanitation and utilities
Golf courses
15. Splunk Words to the Wise….
• Don’t underestimate the amount of support you need—add another 25%
• Plan for growth
• Start with a trial version and take the training
• Devote the effort to get the most out of the solution
• When building out and adding other vendors:
  • Always ask, “Can you Splunk it?”, “Do you have a Splunk App?”
  • If the answer is “no,” don’t buy it
16. Splunking Ahead….
• We have a 5-year road map
• We plan to share our success by introducing Splunk to other City departments (Splunk Day)
• We want to expand to the cloud
• Our dream is to have Splunk’s versatility touch every aspect of City operations, for both ingress and egress
17. Splunk Successes
• “Aha” moment – Clear usage detail of our city phones
• For years our vendor couldn’t give us this information
• Took a class on using Splunk, and got a clear report showing phone charges and details by department - That alone paid for the class!
• We have immediate visibility into our data
• High level of detail, across multiple functions and departments
• We can create reports that improve productivity and help reduce costs
• Threat protection systems have saved the city from critical data breaches