Sie sind neu beim Thema Splunk? Und Sie brennen darauf mit der Splunk Software loszulegen? Dann kommen Sie in diese Breakout Session und erfahren Sie mehr zur Splunk Software und unserer Technologie, inklusive einer Live Demo, die alle Basics beinhaltet wie Installation, wie bekommt man Daten rein und wie nutzt man Splunk Enterprise. Im Detail lernen Sie:
- Was ist Splunk und wodurch unterscheiden wir uns
- Wie installiert man Splunk und wie kann man Daten analysieren
- Wie bildet man Suchen, Alerts und Reports
- Wie nutzt man Feld Extraktionen, die Splunk Search Language, und Applikationen
Splunk Stream - Einblicke in Netzwerk TrafficSplunk
Wussten Sie, dass Ihre Paket- bzw. Übertragungsdaten wertvolle und detailierte Einblicke für Ihre gesamte Operational Intelligence liefern? In dieser Session erfahren Sie mehr über die skalierbare Softwarelösung Splunk App for Stream (keine Hardware Taps notwendig), welche bestehende Andwendungsszenarien von Splunk in der IT und im Geschäftsbereich verstärkt und erweitert. In einer Live Demo zeigen wir Ihnen, wie Sie mit Übertragungsdaten zu mehr Operational Intelligence gelangen hinsichtlich:
Infrastructure Operations
Application Management
Security
Daten anonymisieren und pseudonymisieren mit Splunk
Es gibt unterschiedlichste Gründe, warum Maschinendaten vor unberechtigten Zugriffen geschützt werden sollten. Interne und Externe Compliance Vorgaben sowie "Privacy by Design" Strategien zur Verbesserung der Sicherheit oder als Teil einer Risiko-Minimierungsstrategie werden für Unternehmen im Big Data Bereich immer wichtiger. In dieser Session erfahren Sie, wie Sie Ihre Maschinendaten auf unterschiedlichen Ebenen schützen:
in Motion: sichern Sie die Verbindungen von und zu Splunk Enterprise ab
Datenintegrität: stellen Sie die Datenintegrität der in Splunk gespeicherten Daten sicher
At Rest: verschlüsseln Sie alle Daten, die Splunk auf Disk schreibt
Einzelne sensible Felder in Ihren Maschinendaten anonymisieren / pseudonymisieren
Splunk Enterpise for Information Security Hands-OnSplunk
Splunk is the ultimate tool for the InfoSec hunter. In this unique session, we’ll dive straight into the Splunk search interface, and interact with wire data harvested from various interesting and hostile environments, as well as some web access logs. We’ll show how you can use Splunk Enterprise with a few free Splunk applications to hunt for attack patterns. We’ll also demonstrate some ways to add context to your data in order to reduce false positives and more quickly respond to information. Bring your laptop – you’ll need a web browser to access our demo systems!
Getting Started with Splunk Enterprise Hands-OnSplunk
Here’s your chance to get hands-on with Splunk for the first time! Bring your modern Mac, Windows, or Linux laptop and we’ll go through a simple install of Splunk. Then, we’ll load some sample data, and see Splunk in action – we’ll cover searching, pivot, reporting, alerting, and dashboard creation. At the end of this session, you’ll have a hands-on understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll experience practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
Splunk Stream - Einblicke in Netzwerk TrafficSplunk
Wussten Sie, dass Ihre Paket- bzw. Übertragungsdaten wertvolle und detailierte Einblicke für Ihre gesamte Operational Intelligence liefern? In dieser Session erfahren Sie mehr über die skalierbare Softwarelösung Splunk App for Stream (keine Hardware Taps notwendig), welche bestehende Andwendungsszenarien von Splunk in der IT und im Geschäftsbereich verstärkt und erweitert. In einer Live Demo zeigen wir Ihnen, wie Sie mit Übertragungsdaten zu mehr Operational Intelligence gelangen hinsichtlich:
Infrastructure Operations
Application Management
Security
Daten anonymisieren und pseudonymisieren mit Splunk
Es gibt unterschiedlichste Gründe, warum Maschinendaten vor unberechtigten Zugriffen geschützt werden sollten. Interne und Externe Compliance Vorgaben sowie "Privacy by Design" Strategien zur Verbesserung der Sicherheit oder als Teil einer Risiko-Minimierungsstrategie werden für Unternehmen im Big Data Bereich immer wichtiger. In dieser Session erfahren Sie, wie Sie Ihre Maschinendaten auf unterschiedlichen Ebenen schützen:
in Motion: sichern Sie die Verbindungen von und zu Splunk Enterprise ab
Datenintegrität: stellen Sie die Datenintegrität der in Splunk gespeicherten Daten sicher
At Rest: verschlüsseln Sie alle Daten, die Splunk auf Disk schreibt
Einzelne sensible Felder in Ihren Maschinendaten anonymisieren / pseudonymisieren
Splunk Enterpise for Information Security Hands-OnSplunk
Splunk is the ultimate tool for the InfoSec hunter. In this unique session, we’ll dive straight into the Splunk search interface, and interact with wire data harvested from various interesting and hostile environments, as well as some web access logs. We’ll show how you can use Splunk Enterprise with a few free Splunk applications to hunt for attack patterns. We’ll also demonstrate some ways to add context to your data in order to reduce false positives and more quickly respond to information. Bring your laptop – you’ll need a web browser to access our demo systems!
Getting Started with Splunk Enterprise Hands-OnSplunk
Here’s your chance to get hands-on with Splunk for the first time! Bring your modern Mac, Windows, or Linux laptop and we’ll go through a simple install of Splunk. Then, we’ll load some sample data, and see Splunk in action – we’ll cover searching, pivot, reporting, alerting, and dashboard creation. At the end of this session, you’ll have a hands-on understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll experience practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
Splunk conf2014 - Dashboard Fun - Creating an Interactive Transaction ProfilerSplunk
Using Simple XML and Splunk Enterprise, learn how to create easy interactive dashboards to explore data. This demo showcases great tools to put ion the hands of Splunk users, help desk users and IT Operations staff.
If you’re just getting started with Splunk, this session will help you understand how to use Splunk software to turn your silos of data into insights that are actionable. In this session, we’ll dive right into a Splunk environment and show you how to use the simple Splunk search interface to quickly find the needle-in-the-haystack or multiple needles in multiple haystacks. We’ll demonstrate how to perform rapid ad-hoc searches to conduct routine investigations across your entire IT infrastructure in one place, whether physical, virtual or in the cloud. We’ll show you how to then convert these searches into real time alerts and dashboards, so you can proactively monitor for problems before they impact your end user. We’ll demonstrate how you can use Splunk to connect the dots across heterogeneous systems in your environment for cross-tier, cross-silo visibility. You’ll have access to a demo environment. So, don’t forget to bring your laptop and follow along for a hands-on experience.
Here’s your chance to get hands-on with Splunk for the first time! Bring your modern Mac, Windows, or Linux laptop and we’ll go through a simple install of Splunk. Then, we’ll load some sample data, and see Splunk in action – we’ll cover searching, pivot, reporting, alerting, and dashboard creation. At the end of this session you’ll have a hands-on understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll experience practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
Besides seeing the newest features in Splunk Enterprise and learning the best practices for data models and pivot, we will show you how to use a handful of search commands that will solve most search needs. Learn these well and become a ninja.
David Veuve, SE, Splunk, walks the audience through automated threat intelligence response, behavioral profiling, anomaly detection, and tracking an attack against the kill chain.
Level Up Your Security Skills in Splunk EnterpriseSplunk
During this advanced Splunk webinar, Splunk security experts covered the following security scenarios:
- Automated threat intelligence response
- Behavior profiling
- Anomaly detection
- Tracking an attack against the “kill chain”
You can watch a recording of the webinar here: https://splunkevents.webex.com/splunkevents/lsr.php?RCID=8163d71e6fa0646beb8f8354bfac61a1
Drive more value through data source and use case optimization Splunk
Do you wish you had a way to better illustrate the value of Splunk to your leadership? Better yet, do you wish you had a way to illustrate how much MORE value is possible from Splunk leveraging the data you plan on indexing in one functional area or are already indexing today? We can help with that! Come learn the how and why of data source and use case optimization.
Splunk Enterpise for Information Security Hands-OnSplunk
Splunk is the ultimate tool for the InfoSec hunter. In this unique session, we’ll dive straight into the Splunk search interface, and interact with wire data harvested from various interesting and hostile environments, as well as some web access logs. We’ll show how you can use Splunk Enterprise with a few free Splunk applications to hunt for attack patterns representing SQL injection, data exfiltration, and C2 communication. We’ll show how to find evidence of RATs, brute force attempts, and directory traversal. Finally, we'll also demonstrate some ways to add context to your data in order to reduce false positives and more quickly respond to information. Bring your laptop – you’ll need a web browser to access our demo systems.
Sie haben viel Geld für Ihre Security Infrastruktur ausgegeben. Wie führen Sie nun all die verschiedenen Systeme zusammen, damit Sie Ihre Ziele erreichen: Bedrohungen schnelle entdecken, darauf reagieren und sie zukünftig zu verhindern. Gleichzeitg soll es Ihrem Security Team natürlich möglich sein, im Sinne Ihre Geschäftstätigkeit und Strategie zu handeln. Erfahren Sie hier, wie Sie Ihre Security Ressources am effektivsten einsetzen. Wir zeigen Ihnen das Ganze in einer Live Demo.
Splunk conf2014 - Dashboard Fun - Creating an Interactive Transaction ProfilerSplunk
Using Simple XML and Splunk Enterprise, learn how to create easy interactive dashboards to explore data. This demo showcases great tools to put ion the hands of Splunk users, help desk users and IT Operations staff.
If you’re just getting started with Splunk, this session will help you understand how to use Splunk software to turn your silos of data into insights that are actionable. In this session, we’ll dive right into a Splunk environment and show you how to use the simple Splunk search interface to quickly find the needle-in-the-haystack or multiple needles in multiple haystacks. We’ll demonstrate how to perform rapid ad-hoc searches to conduct routine investigations across your entire IT infrastructure in one place, whether physical, virtual or in the cloud. We’ll show you how to then convert these searches into real time alerts and dashboards, so you can proactively monitor for problems before they impact your end user. We’ll demonstrate how you can use Splunk to connect the dots across heterogeneous systems in your environment for cross-tier, cross-silo visibility. You’ll have access to a demo environment. So, don’t forget to bring your laptop and follow along for a hands-on experience.
Here’s your chance to get hands-on with Splunk for the first time! Bring your modern Mac, Windows, or Linux laptop and we’ll go through a simple install of Splunk. Then, we’ll load some sample data, and see Splunk in action – we’ll cover searching, pivot, reporting, alerting, and dashboard creation. At the end of this session you’ll have a hands-on understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll experience practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
Besides seeing the newest features in Splunk Enterprise and learning the best practices for data models and pivot, we will show you how to use a handful of search commands that will solve most search needs. Learn these well and become a ninja.
David Veuve, SE, Splunk, walks the audience through automated threat intelligence response, behavioral profiling, anomaly detection, and tracking an attack against the kill chain.
Level Up Your Security Skills in Splunk EnterpriseSplunk
During this advanced Splunk webinar, Splunk security experts covered the following security scenarios:
- Automated threat intelligence response
- Behavior profiling
- Anomaly detection
- Tracking an attack against the “kill chain”
You can watch a recording of the webinar here: https://splunkevents.webex.com/splunkevents/lsr.php?RCID=8163d71e6fa0646beb8f8354bfac61a1
Drive more value through data source and use case optimization Splunk
Do you wish you had a way to better illustrate the value of Splunk to your leadership? Better yet, do you wish you had a way to illustrate how much MORE value is possible from Splunk leveraging the data you plan on indexing in one functional area or are already indexing today? We can help with that! Come learn the how and why of data source and use case optimization.
Splunk Enterpise for Information Security Hands-OnSplunk
Splunk is the ultimate tool for the InfoSec hunter. In this unique session, we’ll dive straight into the Splunk search interface, and interact with wire data harvested from various interesting and hostile environments, as well as some web access logs. We’ll show how you can use Splunk Enterprise with a few free Splunk applications to hunt for attack patterns representing SQL injection, data exfiltration, and C2 communication. We’ll show how to find evidence of RATs, brute force attempts, and directory traversal. Finally, we'll also demonstrate some ways to add context to your data in order to reduce false positives and more quickly respond to information. Bring your laptop – you’ll need a web browser to access our demo systems.
Sie haben viel Geld für Ihre Security Infrastruktur ausgegeben. Wie führen Sie nun all die verschiedenen Systeme zusammen, damit Sie Ihre Ziele erreichen: Bedrohungen schnelle entdecken, darauf reagieren und sie zukünftig zu verhindern. Gleichzeitg soll es Ihrem Security Team natürlich möglich sein, im Sinne Ihre Geschäftstätigkeit und Strategie zu handeln. Erfahren Sie hier, wie Sie Ihre Security Ressources am effektivsten einsetzen. Wir zeigen Ihnen das Ganze in einer Live Demo.
Wussten Sie, dass die Splunk Search Processing Language (SPL) weit mehr kann als “nur” suchen? Wir zeigen Ihnen in unserer Session die gesamten Möglichkeiten von SPL! Erfahren Sie, wie Sie sie zum Suchen, Transformieren und Visualisieren von jeglichen Maschinendaten mit über 140 Befehlen nutzen können . In dieser Breakout Session lernen Sie neue Techniken kennen, die Ihnen dabei helfen können, weitere Use Case Möglichkeiten zu entdecken. Finden Sie heraus, wie Sie folgendes besser machen können:
- "Die Nadel im Heuhaufen finden" sowie Root Cause Analysen
- Verbinden von ungleichen Datensätzen und Erforschen von Beziehungen zwischen Feldern
- Geografische Datenvisualisierungen in nahezu Echtzeit
- Statistiken kalkulieren, Anomalien finden und Ergebnisse vorhersagen.
Daten getriebene Service Intelligence mit Splunk ITSISplunk
Service Intelligence Modelle sind am effektivsten, wenn Sie auch mit speziellen Geschäftszielen und Initiativen verbunden sind und wenn sie kontinuierlich diese Zielerreichung messen. In dieser Session behandeln wir Best Practices und Techniken, um Ihre Service Intelligence Initiativen voranzutreiben. Wir werden ein effektives Serivce Intelligence Modele näher analysieren und dann ein Beispiel Modell entwerfen, mit dem sich die Geschäftsziele erreichen lassen und auch die Ziele für den Gschäftsmehrwert messen lassen.
Sie haben von Machine Learning gehört, aber wissen nicht ganz genau, was es ist oder wofür es gut sein soll? Erfharen Sie mehr zu Andwendungsfällen im Bereich Security, IT Operations, Business Analytics und Internet of Things / Industrie 4.0. Sehen Sie Machine Learning in Action in splunk und finden Sie heraus, wo Ihre Datenreise als nächstes hinführt.
UX, ethnography and possibilities: for Libraries, Museums and ArchivesNed Potter
These slides are adapted from a talk I gave at the Welsh Government's Marketing Awards for the LAM sector, in 2017.
It offers a primer on UX - User Experience - and how ethnography and design might be used in the library, archive and museum worlds to better understand our users. All good marketing starts with audience insight.
The presentation covers the following:
1) An introduction to UX
2) Ethnography, with definitions and examples of 7 ethnographic techniques
3) User-centred design and Design Thinking
4) Examples of UX-led changes made at institutions in the UK and Scandinavia
5) Next Steps - if you'd like to try out UX at your own organisation
The technologies and people we are designing experiences for are constantly changing, in most cases they are changing at a rate that is difficult keep up with. When we think about how our teams are structured and the design processes we use in light of this challenge, a new design problem (or problem space) emerges, one that requires us to focus inward. How do we structure our teams and processes to be resilient? What would happen if we looked at our teams and design process as IA’s, Designers, Researchers? What strategies would we put in place to help them be successful? This talk will look at challenges we face leading, supporting, or simply being a part of design teams creating experiences for user groups with changing technological needs.
An immersive workshop at General Assembly, SF. I typically teach this workshop at General Assembly, San Francisco. To see a list of my upcoming classes, visit https://generalassemb.ly/instructors/seth-familian/4813
I also teach this workshop as a private lunch-and-learn or half-day immersive session for corporate clients. To learn more about pricing and availability, please contact me at http://familian1.com
3 Things Every Sales Team Needs to Be Thinking About in 2017Drift
Thinking about your sales team's goals for 2017? Drift's VP of Sales shares 3 things you can do to improve conversion rates and drive more revenue.
Read the full story on the Drift blog here: http://blog.drift.com/sales-team-tips
How to Become a Thought Leader in Your NicheLeslie Samuel
Are bloggers thought leaders? Here are some tips on how you can become one. Provide great value, put awesome content out there on a regular basis, and help others.
Here’s your chance to get hands-on with Splunk for the first time! Bring your modern Mac, Windows, or Linux laptop and we’ll go through a simple install of Splunk. Then, we’ll load some sample data, and see Splunk in action – we’ll cover searching, pivot, reporting, alerting, and dashboard creation. At the end of this session you’ll have a hands-on understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll experience practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
SplunkLive! Zurich 2017 - Getting Started with Splunk EnterpriseSplunk
Here’s your chance to get hands-on with Splunk for the first time! Bring your modern Mac, Windows, or Linux laptop and we’ll go through a simple install of Splunk. Then, we’ll load some sample data, and see Splunk in action – we’ll cover searching, pivot, reporting, alerting, and dashboard creation. At the end of this session you’ll have a hands-on understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll experience practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
Getting Started with Splunk Enterprise - DemoSplunk
What is Splunk? At the end of this session you’ll have a high-level understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll see practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
Splunk Ninjas: New Features, Pivot, and Search DojoSplunk
Besides seeing the newest features in Splunk Enterprise and learning the best practices for data models and pivot, we will show you how to use a handful of search commands that will solve most search needs. Learn these well and become a ninja.
SplunkLive! Tampa: Splunk for Security - Hands-On SessionSplunk
Join our Security Expert and learn how to use the Splunk App for Enterprise Security (ES) in a live, hands-on session. We'll take a tour through Splunk's award-winning security offering to understand some of the unique capabilities in the product. Then, we'll use ES to work an incident and disrupt an adversary's Kill Chain by finding the Actions on Intent, Exploitation Methods, and Reconnaissance Tactics used against a simulated organization. Data investigated will include threat list intelligence feeds, endpoint activity logs, e-mail logs, and web access logs. This session is a must for all security experts!
IBM developerWorks Cloud Trial: Creating an Application Workload service: How to complete the wizard for provisioning an Application Workload service, how to monitor the provisioning of the service, how to log into the provisioned service, how to customize it.
Apache Spark 3.0: Overview of What’s New and Why CareDatabricks
Continuing with the objectives to make Spark faster, easier, and smarter, Apache Spark 3.0 extends its scope with more than 3000 resolved JIRAs. We will talk about the exciting new developments in the Spark 3.0 as well as some other initiatives that are coming in the future. In this talk, we want to share with the Bogota Spark community an overview of Spark 3.0 features and enhancements.
In particular, we will touch upon the following areas:
* Performance Improvement Features
* Improved Useability Features
* ANSI SQL Compliance
* Pandas UDFs
* Compatibility and migration considerations
* Spark Ecosystem: Delta Lake, Project Hydrogen, and Project Zen
Splunk Ninjas: New Features, Pivot, and Search DojoSplunk
Besides seeing the newest features in Splunk Enterprise and learning the best practices for data models and pivot, we will show you how to use a handful of search commands that will solve most search needs. Learn these well and become a ninja.
SplunkLive! Tampa: Splunk Ninjas: New Features, Pivot, and Search Dojo Splunk
Besides seeing the newest features in Splunk Enterprise and learning the best practices for data models and pivot, we will show you how to use a handful of search commands that will solve most search needs. Learn these well and become a ninja.
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...Splunk
.conf Go 2023 presentation:
"Das passende Rezept für die digitale (Security) Revolution zur Telematik Infrastruktur 2.0 im Gesundheitswesen?"
Speaker: Stefan Stein -
Teamleiter CERT | gematik GmbH M.Eng. IT-Sicherheit & Forensik,
doctorate student at TH Brandenburg & Universität Dresden
.conf Go 2023 presentation:
De NOC a CSIRT
Speakers:
Daniel Reina - Country Head of Security Cellnex (España) & Global SOC Manager Cellnex
Samuel Noval - Global CSIRT Team Leader, Cellnex
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk
BMW is defining the next level of mobility - digital interactions and technology are the backbone to continued success with its customers. Discover how an IT team is tackling the journey of business transformation at scale whilst maintaining (and showing the importance of) business and IT service availability. Learn how BMW introduced frameworks to connect business and IT, using real-time data to mitigate customer impact, as Michael and Mark share their experience in building operations for a resilient future.
Data foundations building success, at city scale – Imperial College LondonSplunk
Universities have more in common with modern cities than traditional places of learning. This mini city needs to empower its citizens to thrive and achieve their ambitions. Operationalising data is key to building critical services; from understanding complex IT estates for smarter decision-making to robust security and a more reliable, resilient student experience. Juan will share his experience in building data foundations for a resilient future whilst enabling digital transformation at Imperial College London.
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk
Learn how Vodafone has provided end-to-end visibility across services by building an Operational Analytics Platform. In this session, you will hear how Stefan and his team manage legacy, on premise, hybrid and public cloud services, and how they are providing a platform for complex triage and debugging to tackle use cases across Vodafone’s extensive ecosystem.
.italo operates an Essential Service by connecting more than 100 million people annually across Italy with its super fast and secure railway. And CISO Enrico Maresca has been on a whirlwind journey of his own.
Formerly a Cyber Security Engineer, Enrico started at .italo as an IT Security Manager. One year later, he was promoted to CISO and tasked with building out – and significantly increasing the maturity level – of the SOC. The result was a huge step forward for .italo.
So how did he successfully achieve this ambitious ask? Join Enrico as he reveals the key insights and lessons learned in his SOC journey, including:
Top challenges faced in improving security posture
Key KPIs implemented in order to measure success
Strategies and approaches applied in the SOC
How MITRE ATT&CK and Splunk Enterprise Security were utilised
Next steps in their maturity journey ahead
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
7. 7
What Does Machine Data Look Like?
Sources
Order Processing
Twitter
Care IVR
Middleware
Error
8. 8
Machine Data Contains Critical Insights
Customer ID Order ID
Customer’s Tweet
Time Waiting On
Hold
Twitter ID
Product ID
Company’s Twitter ID
Customer ID
Order ID
Customer ID
Sources
Order Processing
Twitter
Care IVR
Middleware
Error
9. 9
Splunk Unlocks Critical Insights
Order ID
Customer’s Tweet
Time Waiting On
Hold
Product ID
Company’s Twitter ID
Order ID
Customer
ID
Twitter ID
Customer ID
Customer ID
Sources
Order Processing
Twitter
Care IVR
Middleware
Error
10. 10
THE Industry Leading Platform For Machine Data
Machine Data: Any Location, Type, Volume
Online
Services Web
Services
Servers
Security GPS
Location
Storage
Desktops
Networks
Packaged
Applications
Custom
ApplicationsMessaging
Telecoms
Online
Shopping
Cart
Web
Clickstreams
Databases
Energy
Meters
Call Detail
Records
Smartphones
and Devices
RFID
On-
Premises
Private
Cloud
Public
Cloud
Platform Support (Apps / API / SDKs)
Enterprise Scalability
Universal Indexing
Answer Any Question
Developer
Platform
Report
and
analyze
Custom
dashboards
Monitor
and alert
Ad hoc
search
Universal
Machine Data
Platform
No backend database
Schema-on-the-fly
No need to filter data
Quick time to value
Agile reporting and analytics
Real-time architecture
11. 11
Time to start SPLUNKING!!!
SplunkLive! Presentations
– http://splunklive.splunk.com/presentations.html
Documentation
– http://www.splunk.com/base/Documentation
Technical Support
– http://www.splunk.com/support
Videos
– http://www.splunk.com/videos
Education
– http://education.splunk.com
Community
– http://answers.splunk.com
Splunk Book
– http://splunkbook.com
Where do I go
for help?
12. 12
dev.splunk.com
40,000+ Q & A – answers.splunk.com
1,200+ apps
splunkbase.splunk.com
Thriving Splunk Community
12
usergroups.splunk.com
29. 29
Notice the time picker changed with our drill into the histogram bar.
30. 30
Given that this data is web access, lets do a string search for 400, which is a “Bad Request” code.
Notice that there’s 188 events returned. (number will vary for you).
31. 31
Lets also add 300 into the mix, and notice that my event count is higher now.
32. 32
We can see the 400 status codes, but not 300’s. That’s because the string search of 300 doesn’t explicitly
search for status code of 300 – it’ll string match any event that contains “300”.
34. 34
Great, we’re now returned all the events containing the two status codes we searched for.
Click on “Top values by time”, which will build out a timechart for us.
35. 35
Notice how our search query changed, there’s a | (pipe), and a timechart command added.
The pipe followed by a command allows further operation on your filtered data set.
36. 36
Let’s change our search to: buttercupgames status=*
And – drill into one bar on the histogram.
37. 37
Click on “top values by time” under the status field on the left, which will produce the timechart above.
38. 38
Let’s exclude 200 status codes by adding AND status!=200, and change Line to Column.
39. 39
After changing from Line to Column, lets Stack the results (middle stack under Stack Mode). Much better!
40. 40
Lets now save this to a dashboard, a place we can go to view this search without having to remember
what we had just searched for. Click Save AS -> Dashboard Panel. Fill in, and click Save. Then View dashboard.
41. 41
Click on Search to get us back to our search bar, and lets key in: buttercupgames.
Development wants to know what web browsers are being used to access the site, but no fields currently
exist. No problem – lets extract the browser field.
Find an event that contains a value that you’re looking for, and click the “>” arrow just to the left of “Time”.
The event will expand with a down arrow, and Extract Fields will be under Event Actions. Click Extract Fields.
42. 42
Click Regular Expression (Splunk will build a regular expression to extract our fields), and click next.
Highlight the value of the field you’d like to create, and lets name the field: browser_type
Click Add Extraction.
43. 43
Let’s verify that the extracted field contains values that are indeed types of browsers.
Good, click next to proceed.
Now, open the permissions to “App” which will allow users of the App the ability to leverage this extraction.
Click Next.
45. 45
You’ll now be taken to search, with the filter set to the sourcetype that the field extraction has been applied
to. Note – field extractions are coupled to a sourcetype.
Click on “Top values”.
46. 46
Notice how the search changed. And, instead of a bar graph, we want a pie chart, so drop down the “bar”
option and change it to Pie.
47. 47
Lets add this search to our dashboard, and then view the dashboard.
Click Edit -> Edit Panels to drag the different panels to different positions.
48. 48
Let’s go back to search, and search for buttercupgames AND status!=200 (we want to see events that aren’t successful. Add
the stats and where clause above, to return when there’s more than 100 unsuccessful status codes.
49. 49
Let’s create an alert. Save As -> Alert. Fill out the Title, Scheduled, Earliest + Latest, and Cron Expression
(Instead of 48, change to minutes a few ahead of your current time. Ie. If it’s 9:00am, change to 05.
51. 51
You should see an alert trigger once your scheduled search runs at the cron expression you defined.
*Note – it was mentioned that alerts wouldn’t work on a trial license. *Correction – alerts will work until the
trial license expires.
52. 52
Let’s go back to search and: buttercupgames status=* | iplocation clientip
We want to lookup the clientip values against the MaxMind database to pull in City, Country, State, Lat, Lon
of the IPs.
53. 53
Now, business is interested in seeing plots on a map of web users and what they’re doing with the website.
Lets append a geostats command that counts the events by the values of the action field. Pretty cool! This is
definitely dashboard worthy! Lets add to dashboard.
54. 54
Awesome! Now we have a single pane of glass that Operations, Development, and Business all care about –
from one data source! Talk about value!
57. 57
Set up Before You Can Play
Get the following at splunk.com
Download Splunk Enterprise
https://www.splunk.com/download
Dowload the Tutorial Data
http://splk.it/2ey34P8
Dowload the lookup file
http://splk.it/2fCgpXw
Download the Search Tutorial
http://splk.it/2ePSYKB
58. 58
IMPORT THE ZIP FILE, not individual files within it:
http://www.splunkbook.com
(sample data is located under ‘related links’ section)
Log into Splunk – http://127.0.0.1:8000 username=admin
password=changeme
To add the file to Splunk:
– Click Add Data
– Click Upload files from my computer.
– Drag and drop you sample data zip file.
– Review and Finish.
Getting Data into Splunk
We will import
sample web
ecommerce store
events
59. 59
Common problems at this point
License expired (already had older version installed)
– Close browser, empty cache, open browser. If that doesn’t work:
– Stop Splunk.
– Uninstall all Splunk versions
Windows Control Panel->Uninstall programs->Splunk
OS X. Finder->Applications->Right click Splunk, Move to trash
– Reinstall
– Start Splunk
Can’t start Splunk
– Windows, Search Control panel ->Services->Splunk start
– Linux; cd <SPLUNK dir>/splunk/bin;./splunk start
Intro
Mention to people to start downloading Splunk
At Splunk, our mission is to make machine data accessible, usable and valuable to everyone. And this overarching mission is what drives our company and product priorities.
At it’s core, the Splunk platform enables you to:
Collect data from anywhere – with universal forwarding and indexing technology.
Search and analyze across all your data – with powerful search and schema-on-the-fly technology.
Rapidly deliver real-time insights from machine data to IT and business people – through a powerful UI and dashboards.
This is what we call Operational Intelligence.
What is machine data?
Machine data is the definitive record of what’s happening or has happened in your technology infrastructure
Often machine data is linked through common information or fields
Valuable because it contains records of user behavior, infrastructure, application and service health and customer experience.
All technology creates machine data and its projected to grow 40-60% compounded annually
At the same time, these massive streams of data come in an array of unpredictable formats that are difficult to process and analyze in a timely manner by traditional methods (data warehouse in database)
Machine data has lots of VARIETY and high volume.
You’ll notice that machine data events are also typically time-stamped – or time-series data.
Take this example of purchasing a product on your tablet or smartphone:
the purchase transaction fails
you call the call center
then tweet about your experience
all these events are captured as they occur in the machine data generated by the different systems supporting these different interactions.
each of the underlying systems can generate millions of machine data events daily that can be very difficult to understand using traditional methods.
When we look more closely at the data we see that it contains valuable information –
customer id, order id, time waiting on hold, twitter id … what was tweeted.
If you can correlate and visualize related events across these disparate sources, you can build a picture of activity, behavior and experience.
That’s exactly what Splunk is designed to do
And that’s exactly what Splunk empowers organizations to do. Correlating high volume machine data from disparate data sources in real-time without the need to transform the data so organizations can make more informed decisions at the pace of their business.
All of this is accomplished with:
No backend database
No custom connectors
Without filtering data – no need to filter data for questions that you have now, index all your data to support questions that you’ll have in the future.
Without knowing the questions before hand.
While Providing a quick time to value
With agile reporting and analytics
All in real-time
Splunk has an active community:
There is also an emerging ecosystem of new companies building apps on top of the Splunk Enterprise platform. These companies are taking advantage of open APIs and new platform capabilities to create an entirely new generation of applications.
How many of you have used Splunk Answers? Our technical support is consistently rated as industry leading and Splunk Answers has answers to thousands of questions. It’s the go to place for your questions – and answers.
You can participate in meet-ups and User Groups or you can contribute to our forums. You can also attend local SplunkLive events to hear how your peers are using machine data.