Splunk is a powerful platform for understanding your data. The preview of the Machine Learning Toolkit and Showcase App extends Splunk with a rich suite of advanced analytics and machine learning algorithms, which are exposed via an API and demonstrated in a showcase. In this session, we'll present an overview of the app architecture and API and then show you how to use Splunk to easily perform a wide variety of tasks, including outlier detection, predictive analytics, event clustering, and anomaly detection. We’ll use real data to explore these techniques and explain the intuition behind the analytics.
SplunkLive Sydney Machine Learning & Analytics - Splunk
Splunk is a powerful platform for understanding your data. The preview of the Machine Learning Toolkit and Showcase App extends Splunk with a rich suite of advanced analytics and machine learning algorithms, which are exposed via an API and demonstrated in a showcase. In this session, we'll present an overview of the app architecture and API and then show you how to use Splunk to easily perform a wide variety of tasks, including outlier detection, predictive analytics, event clustering, and anomaly detection. We’ll use real data to explore these techniques and explain the intuition behind the analytics.
SplunkLive Melbourne Splunk for Operational Security Intelligence - Splunk
You have spent a ton of money on your security infrastructure. But how do you string all those things together so you can achieve your goals of reducing time to response, detecting and preventing threats, and, most importantly, having your security team serve your business and mission? Learn how to organize your security resources to get the best benefit. See a live demonstration of operationalizing those resources so your security teams can do more for your organization.
Accelerate Troubleshooting and Reinvent Monitoring with Interactive Visualiza... - Splunk
Time is money, especially when it’s downtime impacting your services. Splunk IT Service Intelligence (ITSI) introduces an enhanced troubleshooting and monitoring experience that enables you to visually investigate issues and prevent outages, faster than ever before.
This demo-rich webinar helps you to understand how you can use Splunk ITSI to:
- Speed up investigations by organizing and correlating relevant metrics and events into “swim lanes”
- Compare performance over time with real-time performance to understand trends and identify systemic issues
- Identify and alert on notable events by creating predefined correlation searches
SplunkLive Melbourne Enterprise Security & User Behavior Analytics - Gabrielle Knowles
This session will review Splunk’s two premium solutions for information security organizations: Splunk for Enterprise Security (ES) and Splunk User Behavior Analytics (UBA). Splunk ES is Splunk's award-winning security intelligence solution that brings immediate value for continuous monitoring across SOC and incident response environments – allowing you to quickly detect and respond to external and internal attacks, simplifying threat management while decreasing risk. Splunk UBA is a new technology that applies unsupervised machine learning and data science to solving one of the biggest problems in information security today: insider threat. You’ll learn how Splunk UBA works in tandem with ES, or third-party data sources, to bring significant automated analytical power to your SOC and Incident Response teams. We’ll discuss each solution and see them integrated and in action through detailed demos.
SplunkLive Brisbane Splunk for Operational Security Intelligence - Gabrielle Knowles
You have spent a ton of money on your security infrastructure. But how do you string all those things together so you can achieve your goals of reducing time to response, detecting and preventing threats, and, most importantly, having your security team serve your business and mission? Learn how to organize your security resources to get the best benefit. See a live demonstration of operationalizing those resources so your security teams can do more for your organization.
SplunkLive Canberra Enterprise Security & User Behavior Analytics - Gabrielle Knowles
This session will review Splunk’s two premium solutions for information security organizations: Splunk for Enterprise Security (ES) and Splunk User Behavior Analytics (UBA). Splunk ES is Splunk's award-winning security intelligence solution that brings immediate value for continuous monitoring across SOC and incident response environments – allowing you to quickly detect and respond to external and internal attacks, simplifying threat management while decreasing risk. Splunk UBA is a new technology that applies unsupervised machine learning and data science to solving one of the biggest problems in information security today: insider threat. You’ll learn how Splunk UBA works in tandem with ES, or third-party data sources, to bring significant automated analytical power to your SOC and Incident Response teams. We’ll discuss each solution and see them integrated and in action through detailed demos.
SplunkLive Sydney Enterprise Security & User Behavior Analytics - Gabrielle Knowles
Leverage the Splunk architecture to provide the best possible performance. Whether deploying on premise, in the cloud or on Splunk Cloud, this session will guide you through scenarios that will assist in getting the best from all these options. The agenda also covers how you can plan your searches and reporting to provide the best results for your end users.
SplunkLive Perth Enterprise Security & User Behavior Analytics - Gabrielle Knowles
This session will review Splunk’s two premium solutions for information security organizations: Splunk for Enterprise Security (ES) and Splunk User Behavior Analytics (UBA). Splunk ES is Splunk's award-winning security intelligence solution that brings immediate value for continuous monitoring across SOC and incident response environments – allowing you to quickly detect and respond to external and internal attacks, simplifying threat management while decreasing risk. Splunk UBA is a new technology that applies unsupervised machine learning and data science to solving one of the biggest problems in information security today: insider threat. You’ll learn how Splunk UBA works in tandem with ES, or third-party data sources, to bring significant automated analytical power to your SOC and Incident Response teams. We’ll discuss each solution and see them integrated and in action through detailed demos.
The ongoing cyber-war has a front line and that is the endpoint. In this session, you'll learn various methods to improve endpoint security with the Splunk Universal Forwarder and with commercial endpoint solutions. You can gain critical, timely, detailed information about what's happening on your desktops, laptops, hosts, and POS systems. You can correlate this data to network, threat intel, and other data sources. You'll learn how filesystem details, processes, services, hashes, ports, registry settings and more can be used to detect attackers. This will help any organization using Splunk to greatly improve their security posture.
Deception-Triggered Security Data Science to Detect Adversary Movements - Satnam Singh
Deception-triggered security data science is a novel paradigm where we marry deception and security data science together to enhance security incident analysis. We deploy deception sensors (consisting of multiple low and high honeypots) that can emulate at various stages, e.g., network, endpoint, application, data, and servers. Whenever an adversary trips over these sensors, we initiate an alert and correlate it with data from other hosts and users to construct an adversary trajectory graph. The graph enhances the capabilities of security analysts to get better insights about adversary movements and hosts that may also be compromised. This talk is a must for security data researchers, security analysts, and security practitioners. We will share some case studies from our deployments along with a live demo of our Splunk App.
What is Splunk? At the end of this session you’ll have a high-level understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll see practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
Webinar: Splunk Enterprise Security Deep Dive: Analytics - Splunk
Splunk Enterprise Security (ES) is an analytics-driven SIEM that successfully supports security operations teams in combating threats. But did you also know that it is built from a framework that can be used in a highly individual way to address specific security requirements?
In our webinar we show you the technical details behind the ES framework:
- Asset and identity correlations
- Notable events
- Threat intelligence
- Risk analysis
- Investigation and adaptive response
We will discuss everyday examples and use a demo to show you the key frameworks that will help you solve security problems.
SplunkLive Brisbane Splunk for Operational Security Intelligence - Splunk
You have spent a ton of money on your security infrastructure. But how do you string all those things together so you can achieve your goals of reducing time to response, detecting and preventing threats, and, most importantly, having your security team serve your business and mission? Learn how to organize your security resources to get the best benefit. See a live demonstration of operationalizing those resources so your security teams can do more for your organization.
5 Ways to Improve your Security Posture with Splunk Enterprise Security - Splunk
Hundreds of leading security teams use Splunk Enterprise and Splunk Enterprise Security (ES) as a big data SIEM plus much more to better protect against today's cyberthreats.
The solution includes pre-built, powerful content, technologies and capabilities to help security professionals quickly detect, investigate, and defeat external and internal threats.
This webinar introduced five ways Splunk ES can help security teams:
1. Detect external, advanced threats in real-time
2. Identify insider threats faster
3. Use free, external threat intelligence to find known threats
4. Accelerate incident investigations
5. Identify and report on cyberthreats with advanced visualizations and analytics
SplunkLive Perth Enterprise Security & User Behaviour Analytics - Splunk
This session will review Splunk’s two premium solutions for information security organizations: Splunk for Enterprise Security (ES) and Splunk User Behavior Analytics (UBA). Splunk ES is Splunk's award-winning security intelligence solution that brings immediate value for continuous monitoring across SOC and incident response environments – allowing you to quickly detect and respond to external and internal attacks, simplifying threat management while decreasing risk. Splunk UBA is a new technology that applies unsupervised machine learning and data science to solving one of the biggest problems in information security today: insider threat. You’ll learn how Splunk UBA works in tandem with ES, or third-party data sources, to bring significant automated analytical power to your SOC and Incident Response teams. We’ll discuss each solution and see them integrated and in action through detailed demos.
SplunkLive Canberra Enterprise Security and User Behaviour Analytics - Splunk
This session will review Splunk’s two premium solutions for information security organizations: Splunk for Enterprise Security (ES) and Splunk User Behavior Analytics (UBA). Splunk ES is Splunk's award-winning security intelligence solution that brings immediate value for continuous monitoring across SOC and incident response environments – allowing you to quickly detect and respond to external and internal attacks, simplifying threat management while decreasing risk. Splunk UBA is a new technology that applies unsupervised machine learning and data science to solving one of the biggest problems in information security today: insider threat. You’ll learn how Splunk UBA works in tandem with ES, or third-party data sources, to bring significant automated analytical power to your SOC and Incident Response teams. We’ll discuss each solution and see them integrated and in action through detailed demos.
SplunkLive Melbourne Enterprise Security & User Behaviour Analytics - Splunk
This session will review Splunk’s two premium solutions for information security organizations: Splunk for Enterprise Security (ES) and Splunk User Behavior Analytics (UBA). Splunk ES is Splunk's award-winning security intelligence solution that brings immediate value for continuous monitoring across SOC and incident response environments – allowing you to quickly detect and respond to external and internal attacks, simplifying threat management while decreasing risk. Splunk UBA is a new technology that applies unsupervised machine learning and data science to solving one of the biggest problems in information security today: insider threat. You’ll learn how Splunk UBA works in tandem with ES, or third-party data sources, to bring significant automated analytical power to your SOC and Incident Response teams. We’ll discuss each solution and see them integrated and in action through detailed demos.
SplunkLive Sydney Enterprise Security & User Behaviour Analytics - Splunk
This session will review Splunk’s two premium solutions for information security organizations: Splunk for Enterprise Security (ES) and Splunk User Behavior Analytics (UBA). Splunk ES is Splunk's award-winning security intelligence solution that brings immediate value for continuous monitoring across SOC and incident response environments – allowing you to quickly detect and respond to external and internal attacks, simplifying threat management while decreasing risk. Splunk UBA is a new technology that applies unsupervised machine learning and data science to solving one of the biggest problems in information security today: insider threat. You’ll learn how Splunk UBA works in tandem with ES, or third-party data sources, to bring significant automated analytical power to your SOC and Incident Response teams. We’ll discuss each solution and see them integrated and in action through detailed demos.
.conf Go 2023 - The right recipe for the digital (security) revolution to... - Splunk
.conf Go 2023 presentation:
"The right recipe for the digital (security) revolution towards Telematik Infrastruktur 2.0 in healthcare?"
Speaker: Stefan Stein -
Team Lead CERT | gematik GmbH M.Eng. IT Security & Forensics,
doctorate student at TH Brandenburg & Universität Dresden
.conf Go 2023 presentation:
From NOC to CSIRT
Speakers:
Daniel Reina - Country Head of Security Cellnex (Spain) & Global SOC Manager Cellnex
Samuel Noval - Global CSIRT Team Leader, Cellnex
Splunk - BMW connects business and IT with data driven operations SRE and O11y - Splunk
BMW is defining the next level of mobility - digital interactions and technology are the backbone to continued success with its customers. Discover how an IT team is tackling the journey of business transformation at scale whilst maintaining (and showing the importance of) business and IT service availability. Learn how BMW introduced frameworks to connect business and IT, using real-time data to mitigate customer impact, as Michael and Mark share their experience in building operations for a resilient future.
Data foundations building success, at city scale – Imperial College London - Splunk
Universities have more in common with modern cities than traditional places of learning. This mini city needs to empower its citizens to thrive and achieve their ambitions. Operationalising data is key to building critical services; from understanding complex IT estates for smarter decision-making to robust security and a more reliable, resilient student experience. Juan will share his experience in building data foundations for a resilient future whilst enabling digital transformation at Imperial College London.
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen... - Splunk
Learn how Vodafone has provided end-to-end visibility across services by building an Operational Analytics Platform. In this session, you will hear how Stefan and his team manage legacy, on premise, hybrid and public cloud services, and how they are providing a platform for complex triage and debugging to tackle use cases across Vodafone’s extensive ecosystem.
.italo operates an Essential Service by connecting more than 100 million people annually across Italy with its super fast and secure railway. And CISO Enrico Maresca has been on a whirlwind journey of his own.
Formerly a Cyber Security Engineer, Enrico started at .italo as an IT Security Manager. One year later, he was promoted to CISO and tasked with building out – and significantly increasing the maturity level – of the SOC. The result was a huge step forward for .italo.
So how did he successfully achieve this ambitious ask? Join Enrico as he reveals the key insights and lessons learned in his SOC journey, including:
Top challenges faced in improving security posture
Key KPIs implemented in order to measure success
Strategies and approaches applied in the SOC
How MITRE ATT&CK and Splunk Enterprise Security were utilised
Next steps in their maturity journey ahead
As Europe's leading economic powerhouse and the fourth-largest economy globally, Germany stands at the forefront of innovation and industrial might. Renowned for its precision engineering and high-tech sectors, Germany's economic structure is heavily supported by a robust service industry, accounting for approximately 68% of its GDP. This economic clout and strategic geopolitical stance position Germany as a focal point in the global cyber threat landscape.
In the face of escalating global tensions, particularly those emanating from geopolitical disputes with nations like Russia and China, Germany has witnessed a significant uptick in targeted cyber operations. Our analysis indicates a marked increase in cyberattack sophistication aimed at critical infrastructure and key industrial sectors. These attacks range from ransomware campaigns to Advanced Persistent Threats (APTs), threatening national security and business integrity.
🔑 Key findings include:
🔍 Increased frequency and complexity of cyber threats.
🔍 Escalation of state-sponsored and criminally motivated cyber operations.
🔍 Active dark web exchanges of malicious tools and tactics.
Our comprehensive report delves into these challenges, using a blend of open-source and proprietary data collection techniques. By monitoring activity on critical networks and analyzing attack patterns, our team provides a detailed overview of the threats facing German entities.
This report aims to equip stakeholders across public and private sectors with the knowledge to enhance their defensive strategies, reduce exposure to cyber risks, and reinforce Germany's resilience against cyber threats.
Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23... - John Andrews
SlideShare Description for "Chatty Kathy - UNC Bootcamp Final Project Presentation"
Title: Chatty Kathy: Enhancing Physical Activity Among Older Adults
Description:
Discover how Chatty Kathy, an innovative project developed at the UNC Bootcamp, aims to tackle the challenge of low physical activity among older adults. Our AI-driven solution uses peer interaction to boost and sustain exercise levels, significantly improving health outcomes. This presentation covers our problem statement, the rationale behind Chatty Kathy, synthetic data and persona creation, model performance metrics, a visual demonstration of the project, and potential future developments. Join us for an insightful Q&A session to explore the potential of this groundbreaking project.
Project Team: Jay Requarth, Jana Avery, John Andrews, Dr. Dick Davis II, Nee Buntoum, Nam Yeongjin & Mat Nicholas
Explore our comprehensive data analysis project presentation on predicting product ad campaign performance. Learn how data-driven insights can optimize your marketing strategies and enhance campaign effectiveness. Perfect for professionals and students looking to understand the power of data analysis in advertising. For more details, visit: https://bostoninstituteofanalytics.org/data-science-and-artificial-intelligence/
Slide 21
ML Toolkit & Showcase – DIY ML
• Splunk-supported framework for building ML apps
– Get it for free: https://splunkbase.splunk.com/app/2890/
• Leverages the Python for Scientific Computing (PSC) add-on:
– Get it for free: refer to Splunkbase for your OS version
  – https://splunkbase.splunk.com/app/2881/ to /2884/
– Open-source Python data science ecosystem
– NumPy, SciPy, scikit-learn, pandas, statsmodels
• Showcase use cases: Predict Hard Drive Failure, Server Power Consumption, Application Usage, Customer Churn & more
Slide 22
Standard algorithms out of the box:
• Clustering: DBSCAN, KMeans, Birch, SpectralClustering
• Regression: LinearRegression, RandomForestRegressor, ElasticNet, Ridge, Lasso
• Classification: LogisticRegression, RandomForestClassifier, SVM, Naïve Bayes (GaussianNB, BernoulliNB)
• Transformation: PCA, KernelPCA, TFIDF Vectorizer, StandardScaler
• Text Analytics: TF-IDF
• Feature Extraction: FieldSelector (e.g. Univariate, ANOVA, K-best, etc.)
Implement one of 300+ algorithms by editing Python scripts
Slide 27
3. Fit, Apply & Validate Models
• ML SPL – New grammar for doing ML in Splunk
• fit – fit models based on training data
– [training data] | fit LinearRegression costly_KPI from feature1 feature2 feature3 into my_model
• apply – apply models on testing and production data
– [testing/production data] | apply my_model
• Validate Your Model (The Hard Part)
– Why hard? Because statistics is hard! Also: model error ≠ real world risk.
– Analyze residuals, mean-square error, goodness of fit, cross-validate, etc.
– Take Splunk’s Analytics & Data Science Education course
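The fit / apply / validate loop from this slide, worked through outside Splunk as an added example (not code from the presentation or the ML Toolkit). The functions `fit` and `apply` only mirror the SPL command names; a plain normal-equations least-squares solver stands in for the toolkit's LinearRegression, and the KPI data is constructed.

```python
import random, statistics

def solve(a, b):
    """Solve a.x = b by Gauss-Jordan elimination with partial pivoting."""
    n, m = len(b), [row[:] + [v] for row, v in zip(a, b)]
    for c in range(n):
        p = max(range(c, n), key=lambda r: abs(m[r][c]))
        m[c], m[p] = m[p], m[c]
        for r in range(n):
            if r != c:
                f = m[r][c] / m[c][c]
                m[r] = [x - f * y for x, y in zip(m[r], m[c])]
    return [m[i][n] / m[i][i] for i in range(n)]

def fit(rows, target):
    """Like SPL 'fit': least-squares weights (intercept first), normal equations."""
    cols = list(zip(*([1.0] + r for r in rows)))
    xtx = [[sum(p * q for p, q in zip(ci, cj)) for cj in cols] for ci in cols]
    xty = [sum(p * y for p, y in zip(ci, target)) for ci in cols]
    return solve(xtx, xty)

def apply(model, rows):
    """Like SPL 'apply': predictions for rows the model may never have seen."""
    return [model[0] + sum(w * v for w, v in zip(model[1:], r)) for r in rows]

def mse(actual, predicted):
    return sum((a - p) ** 2 for a, p in zip(actual, predicted)) / len(actual)
def r_squared(actual, predicted):      # goodness of fit: 1 - SS_res / SS_tot
    return 1 - mse(actual, predicted) / statistics.pvariance(actual)

def cross_validate(rows, target, folds=5):
    """Mean held-out MSE: every fold is scored by a model fitted without it."""
    scores = []
    for f in range(folds):
        tr = [i for i in range(len(rows)) if i % folds != f]
        te = [i for i in range(len(rows)) if i % folds == f]
        model = fit([rows[i] for i in tr], [target[i] for i in tr])
        scores.append(mse([target[i] for i in te], apply(model, [rows[i] for i in te])))
    return sum(scores) / folds

# Constructed data: KPI = 5 + 0.8*feature1 + 2.0*feature2 + noise (sd 3), 200 events.
rng = random.Random(7)
ROWS = [[rng.uniform(0, 100), rng.uniform(0, 50)] for _ in range(200)]
KPI = [5 + 0.8 * a + 2.0 * b + rng.gauss(0, 3) for a, b in ROWS]

def validate(split=150):
    model = fit(ROWS[:split], KPI[:split])        # train on the first 150 events
    held = apply(model, ROWS[split:])             # score the 50 unseen events
    return (model, mse(KPI[:split], apply(model, ROWS[:split])),
            mse(KPI[split:], held), r_squared(KPI[split:], held), cross_validate(ROWS, KPI))
```

`validate()` returns the fitted weights, training MSE, held-out MSE, held-out R² and the 5-fold cross-validated MSE; a held-out error far above the training error is the overfitting signal that the residual and cross-validation checks on the slide are meant to catch.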
Slide 28
4. Predict & Act
• Forecast KPIs & predict notable events
– When will my system have a critical error?
– In which service or process?
– What’s the probable root cause?
• How will people act on predictions?
– Is this a Sev 1/2/3 event? Who responds?
– Deliver via Notable Events or dashboard?
– Human response or automated response?
• How do you improve the models?
– Iterate, add more data, extract more features
– Keep track of true/false positives
Slide 31
Getting started
• Prerequisite: you must be running Splunk 6.4.x
• Download and install the free ML Toolkit & Showcase!
– https://splunkbase.splunk.com/app/2890/
– https://splunkbase.splunk.com/app/2881/ to /2884/
• Speak to your local SE to discuss ways you could use ML
• Join our local User Group – we’ll be running ML workshops!
– http://www.meetup.com/splunk-melbourne/
• Contact me! (aphillips@splunk.com)