Splunk Discovery: Milan 2018 - Intro to Security Analytics Methods
Splunk
Presented at Splunk Discovery: Milan 2018
1.
© 2017 SPLUNK INC.
Intro to Security Analytics Methods
Lorenzo INVERNIZZI | Sales Engineer
Session 3
2.
Agenda
  1. Intro to Analytics Methods
  2. Splunk Security Essentials Overview
  3. Demo Scenario
  4. Next step
3.
Common Security Challenges
• Malicious Insiders
• Advanced External Attackers
• Commodity Malware
4.
Analytics Methods
Types of Use Cases
• First Time Seen powered by stats
• Time Series Analysis with Standard Deviation
• General Security Analytics Searches
5.
Applying to Stages of an Attack
[Diagram labels]
• Attacker hacks website, steals .pdf files (Web Portal)
• Attacker creates malware, embed in .pdf, emails to the target (MAIL)
• Read email, open attachment
• .pdf executes & unpacks malware overwriting and running “allowed” programs (Svchost.exe, Calc.exe)
• HTTP (web) session to command & control server (WEB)
• Remote control, Steal data, Persist in company, Rent as botnet
[Data source labels]
• Threat intelligence
• Auth - User Roles
• Host Activity/Security
• Network Activity/Security
6.
Detection of Suspicious Email Activity
7.
Applying to Stages of an Attack
[Same attack-stage diagram as slide 5]
8.
Verifying Malware Infection
9.
Applying to Stages of an Attack
[Same attack-stage diagram as slide 5]
10.
Identifying Exfiltration and/or Command and Control
11.
Implementation Approach for Security Analytics
Alert Aggregation | Alert Creation | Investigation
Investigative Platform
• Analyst flexibility
• Provide access to data analysis solutions
• Record historical context for everything
Simpler Detection
• Rules and statistics
• Quick development
• Easy for analysts
ML Based Detection
• Detect unknown
• New vectors
• Heavy data science
Threat Detection
• Manage high volume
• Track entity relationships
• Combination ML + Rules
12.
The Splunk Portfolio
Rich Ecosystem of Apps & Add-Ons
Splunk Premium Solutions
Platform for Operational Intelligence
[Diagram labels: Mainframe Data, Relational Databases, Mobile, Forwarders, Syslog/TCP, IoT Devices, Network Wire Data, Hadoop]
13.
Splunk Security Essentials Overview
14.
Download Splunk Security Essentials
15.
Where Can I Install Splunk Security Essentials?
• Your Laptop!
• Your Production Environment!
• All Kinds of Production Environments!
• Your Dev Environment!
Survey Results: Have You Tried to Install the App?
• Tried and Failed
• Installed in Dev
• Installed in Production
• Installed in Distributed Environment
• Installed in a SHC Environment
16.
Looking at Security in Terms of Data
▶ You can think about operational maturity in terms of data
▶ Start with the basics – get your data into a single location
▶ Then work your way up the stack
▶ Not sure how to start? Yes, there is an app for that
17.
Splunk Security Essentials
https://splunkbase.splunk.com/app/3435/
▶ Identify bad guys:
• 300+ security analytics methods
• Target external and insider threats
• Scales from small to massive companies
• Save from app, send hits to ES/UBA
Solve use cases you can today for free, then use Splunk UBA for advanced ML detection.
18.
Getting Started with Splunk Security Essentials
▶ Download from apps.splunk.com
▶ Browse use cases that match your needs
▶ Data Source Check shows other use cases for your existing data
▶ Evaluate free tools to meet gaps, such as Microsoft Sysmon
• (links inside the app)
19.
Demo Scenario
20.
Monitoring Challenges
▶ No proxy
▶ No standard file servers
▶ No agents on laptop
▶ Cloud Services with their own APIs
How would you detect that?
21.
Apply Splunk to Real Life Scenario
▶ Actor: Malicious Insider (because it’s hardest)
▶ Motivation: Going to work for competitor
▶ Target: Accounts, Opportunities, Contacts in Salesforce
▶ Additional Target: Sales Proposals in Box
▶ Exfiltration: Upload to a remote server
Malicious Insider
Chris Geremy, Director of Finance
* Photo of Splunker, I promise she is not a malicious insider
22.
Set Up Monitoring
About 1 Hour of Work
▶ Ingest Salesforce Event Log File
• https://splunkbase.splunk.com/app/1931/
▶ Ingest Box Data
• https://splunkbase.splunk.com/app/2679/
▶ Install Splunk Security Essentials
• https://splunkbase.splunk.com/app/3435/
▶ Schedule Salesforce use cases
▶ Build a custom Box use case
23.
But My Company Is So Custom
▶ Do you want to build your own detections like this?
▶ What if your environment is totally custom?
▶ No product has ever worked out of the box, and that’s why you like Splunk, right?
We’ve got you.
Click Assistants, then “Detect Spikes”
24.
▶ | inputlookup anonymized_box_logs.csv | search folder="PROPOSALS" | bucket _time span=1d | stats count by user _time
▶ Looking for “count” by “user” with “6” standard deviations
25.
Got Her!
▶ | inputlookup anonymized_box_logs.csv | search folder="PROPOSALS" | bucket _time span=1d | stats count by user _time
▶ Looking for “count” by “user” with “6” standard deviations
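The spike logic from slides 24 and 25, written out as an added example in Python (not code from the talk or from Splunk Security Essentials): it reproduces the "count by user per day" step and then compares each user's latest day with a baseline of that user's earlier days. The sample events, the user names, the `min_samples` guard and the `include_latest_in_baseline` switch are assumptions made for the illustration; the switch shows why the day under test has to stay out of the baseline.

```python
import statistics
from collections import defaultdict
from datetime import date, datetime, timedelta


def build_sample_rows():
    """Constructed Box-style access events (not data from the talk).

    31 days: user_a and user_b behave normally for 30 days, then
    user_b touches the PROPOSALS folder 400 times on the last day.
    """
    rows = []
    start = date(2018, 1, 1)
    for d in range(31):
        day = start + timedelta(days=d)
        last_day = d == 30
        per_user = {
            "user_a": 4 if last_day else 3 + d % 3,
            "user_b": 400 if last_day else 2 + d % 2,
        }
        for user, n in per_user.items():
            for i in range(n):
                ts = datetime(day.year, day.month, day.day, 9) + timedelta(seconds=i)
                rows.append({"_time": ts.isoformat(), "user": user,
                             "folder": "PROPOSALS"})
        # One event per day in another folder that the filter must ignore.
        noon = datetime(day.year, day.month, day.day, 12)
        rows.append({"_time": noon.isoformat(), "user": "user_a",
                     "folder": "MARKETING"})
    return rows


def daily_counts(rows, folder):
    """Equivalent of: search folder=... | bucket _time span=1d
    | stats count by user _time. Days without events produce no row."""
    counts = defaultdict(lambda: defaultdict(int))
    for row in rows:
        if row["folder"] != folder:
            continue
        day = datetime.fromisoformat(row["_time"]).date()
        counts[row["user"]][day] += 1
    return counts


def detect_spikes(counts, num_stdev=6, min_samples=7,
                  include_latest_in_baseline=False):
    """Flag users whose count on the latest day exceeds
    avg + num_stdev * stdev of their own daily counts."""
    if not counts:
        return []
    latest = max(day for per_day in counts.values() for day in per_day)
    findings = []
    for user, per_day in sorted(counts.items()):
        if latest not in per_day:
            continue  # no activity on the day under test
        current = per_day[latest]
        baseline = [c for day, c in per_day.items()
                    if include_latest_in_baseline or day != latest]
        if len(baseline) < min_samples:
            continue  # too little history for a meaningful deviation
        avg = statistics.mean(baseline)
        # Sample standard deviation. A perfectly flat baseline gives
        # stdev 0, so any increase is flagged; tune min counts if noisy.
        stdev = statistics.stdev(baseline)
        upper = avg + num_stdev * stdev
        if current > upper:
            findings.append({"user": user, "day": latest, "count": current,
                             "avg": avg, "stdev": stdev,
                             "upper_bound": upper})
    return findings


if __name__ == "__main__":
    counts = daily_counts(build_sample_rows(), "PROPOSALS")
    for hit in detect_spikes(counts):
        print("spike:", hit["user"], hit["day"], hit["count"],
              "upper bound %.2f" % hit["upper_bound"])
    # With the spike day inside the baseline, n samples can never sit more
    # than (n - 1) / sqrt(n) sample deviations above their own mean, so a
    # 6-sigma threshold cannot fire on 31 days of data.
    print("including latest day:",
          detect_spikes(counts, include_latest_in_baseline=True))
```
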
26.
Next Steps
27.
Aggregate Alerting with ES Risk
▶ Enterprise Security has a Risk Framework designed for aggregating low severity indicators
28.
Apply Machine Learning With Splunk UBA
▶ Splunk UBA Threat Models leverage Data Science, Machine Learning
▶ Finds important, inter-related anomalies that analysts should actually view
▶ Support more advanced anomaly detections!
29.
Respond With ES Adaptive Response
▶ High Confidence alerts from UBA fed into ES
▶ Take actions like
• Box: “Change Permissions”
• AD: “Reset Password” or “Disable Account”
• PAN: Isolate Host
▶ 40+ partners!
30.
Wrap Up
31.
What Did We Cover?
▶ Splunk Security Essentials shows you new detection use cases
▶ Ultimately it just uses Splunk Enterprise – power of the platform!
▶ You can build your own use cases easily!
▶ As you advance, look to ES or UBA to improve threat detection
32.
Splunk Security Portfolio
Splunk Enterprise: Detection, Human-driven
• Log Aggregation
• Splunk Security Essentials
• Rules, statistics, correlation
Realm of Known
Enterprise Security: Response
• OOB key security metrics
• Incident response workflow
• Adaptive response
Splunk UBA: Detection, ML-driven
• Risky behavior detection
• Entity profiling, scoring
• Kill chain, graph analysis
Realm of Unknown
33.
Managing Alert Volume vs Value
Slow Response from Basic Alerts | Fast Response from Advanced Alerts
• Use Low Volume Searches
• Splunk ES Risk Framework
• Splunk UBA Threat Models
• UBA + ES Adaptive Response
34.
Managing Alert Volume vs Value
• Use Low Volume Searches
• Splunk ES Risk Framework
• Splunk UBA Threat Models
• UBA + ES Adaptive Response
Everyone starts here, and spends most of their time here
35.
Go Get Started With Splunk Security Essentials!
▶ Download from apps.splunk.com
▶ Find use cases that match your needs
▶ Data Source Check shows other use cases for your existing data
▶ Evaluate free tools to meet gaps, such as Microsoft Sysmon
• (links inside the app)
36.
Thank you