SplunkLive! Stockholm 2018 - Customer presentation: Telia Splunk
This document discusses Telia Company's approach to cyber threat management and detection. It outlines:
1) Telia Company's large network and IT infrastructure that presents cyber security challenges due to its scale.
2) Telia's threat detection approach which focuses on building tailored use cases through continuous analysis, development, and improvement in order to synchronize detection and response.
3) Some examples of early use cases developed, including detecting attacks on workstations, and how the program achieved results quickly through a DevOps approach of simultaneous development and detection.
This document summarizes a presentation about using AI and machine learning to improve IT operations. It discusses how digital transformation, new technologies, and customer experience are driving businesses and CIO priorities. It then provides examples of how Splunk's AIOps platform uses predictive analytics and machine learning to help identify issues proactively, reduce resolution times, and prevent outages. The presentation shows how one company was able to predict incidents up to 30 minutes in advance and reduce resolution times by 65% using Splunk's solutions.
Irdeto is a global leader in digital platform security that protects media, entertainment, games, connected transport and IoT industries. It employs nearly 1,000 security experts across 15 locations covering 6 continents. Irdeto's vision is to build a secure future where people can embrace connectivity without fear. The document discusses Irdeto's service operations center and how it has evolved its monitoring framework over time to incorporate more application logs, metrics, and events into Splunk. It analyzes trends and anomalies to more effectively manage incidents. Future goals include adding more data sources into Splunk, introducing ITSI for event correlation, developing more dashboards and anomaly detection through machine learning.
The document discusses near real-time phishing detection using Splunk. It describes how the Dutch Tax and Customs Administration uses Splunk to monitor phishing emails targeting their organization. It provides examples of phishing emails aimed at stealing personal information or money from victims. It then outlines secure email protocols like SPF, DKIM, and DMARC that can be used to validate sending servers and authenticate email senders to help detect phishing attempts.
How a Leading Saudi Bank Matured Security to Better Partner the Business Splunk
Presented by Rasha M. Abu AlSaud, CISO of a leading Saudi Bank and Matthias Maier, Splunk Product Marketing Director, at Gartner’s 2018 Security Risk and Management Summit in Dubai.
Partner Exec Summit 2018 - Frankfurt: Splunk for Industrial IoT Splunk
- The document is a presentation about Splunk for Industrial IoT given by Ronald Perzul on November 21st 2018.
- It discusses challenges in industrial data like reactive maintenance and unplanned downtime, and how Splunk's solutions for industrial IoT like real-time monitoring, predictive analytics, and OT security can help address these challenges.
- Splunk Industrial Asset Intelligence is highlighted as a key solution, allowing users to monitor assets, create visualizations and formulas without programming, and set alerts to improve availability and performance.
Enabling Airbus Digital Transformation with Splunk
Learn how Airbus are turning their data into doing across their organisation. From real time monitoring to IT Service Management to security operations – Airbus are maximising their use of data to deliver more services and continuous process improvement.
Partner Exec Summit 2018 - Frankfurt: Partner Brauchen Wir Nicht Splunk
1) OTTO is a major German e-commerce company founded in 1949 that has transformed from a mail-order catalog business to a leader in online retail.
2) OTTO has been using Splunk for over 10 years, starting with call center logging and expanding to infrastructure monitoring and compliance. They currently have over 1000 registered Splunk users and process 13 billion events per month.
3) While OTTO has built up significant internal Splunk expertise, they will continue partnering for new initiatives like process analytics, hybrid cloud operations, machine learning, and mobile analytics to drive their digital transformation. Partners should be certified, flexible, and creative.
This document discusses how Splunk can be used to analyze industrial and Internet of Things (IoT) data. It describes how Splunk provides secure data collection, real-time dashboards and reporting, powerful search and analytics capabilities, and scalable time-series storage. The document outlines Splunk's capabilities for various industries like oil and gas, manufacturing, transportation, and utilities. It also provides examples of how Splunk has been used by customers for remote freight train monitoring, understanding customer behavior through vending machine data, and saving over $1 billion through energy efficiency calculations and recommendations.
This document discusses how Splunk provides value across IT operations, application delivery, business analytics, industrial data/IoT, and security/compliance. It highlights Splunk's capabilities for operational visibility, powerful developer platform, extensibility, and ecosystem for industrial/IoT data. An example deployment for oil and gas operations is shown. The document argues that a new approach to ICS/OT security is needed to analyze all relevant data and leverage threat intelligence. Splunk provides an application for enterprise security focused on ICS/OT environments.
Splunk IT Service Intelligence Overview - AIOps Roundtable Bern Splunk
This document discusses Splunk IT Service Intelligence (ITSI), which uses predictive analytics and artificial intelligence to provide a 360-degree view of IT services and business metrics. ITSI helps IT teams predict and prevent outages by reducing event noise by 20-30% and predicting issues 20-30 minutes in advance. It also reduces mean time to resolution by up to 90% and incident investigation time by 70-90%. Splunk claims ITSI improves customer satisfaction, protects brands, and preserves revenue by taking a proactive, predictive, and effective approach to IT service management.
Splunk Internet of Things Roundtable 2015 Georg Knon
This document contains an agenda and presentation materials for an Internet of Things Day event by Splunk. The presentation provides an overview of Splunk as a company, its machine data platform for collecting and analyzing data from IoT devices, and use cases from customers across various industries utilizing Splunk for IoT applications. Examples include using machine data from manufacturing equipment to optimize energy usage and enable predictive maintenance, and aggregating data from vending machines for diagnostics and insights into customer behavior.
Managing SCADA Operations and Security with Splunk Enterprise Splunk
This document discusses how Enterprise Products Partners uses Splunk Enterprise to manage their SCADA operations and security. It describes how the SCADA Infrastructure and Cyber Security team transitioned from struggling to meet regulatory SLAs to using Splunk to improve visibility, detect issues faster, and resolve problems within 4 minutes. The presentation outlines how Splunk helps with infrastructure operations, cyber security tasks like firewall monitoring, and adhering to PHMSA requirements. It concludes by encouraging others to also use Splunk to be "SCADA superheroes" in managing their industrial control systems.
Managing SCADA Operations and Security with Splunk Enterprise Splunk
This document summarizes how Enterprise Products Partners uses Splunk Enterprise to manage their SCADA infrastructure and cyber security operations. It discusses how they were previously challenged to meet regulatory SLAs without Splunk. With Splunk, they improved infrastructure monitoring, implemented cyber security measures like monitoring firewalls and industrial protocols, and can now adhere to PHMSA requirements by resolving issues within 4 minutes. The presentation encourages others in similar roles to also leverage Splunk Enterprise.
Splunk for Industrial Data and the Internet of Things aliciasyc
The IoT is a natural evolution of the world’s networks. Just as people became more connected by devices and applications during the explosion of the social media revolution, devices, sensors and industrial equipment are also becoming more connected—and are consuming and generating data at an unprecedented pace. Disparate and deployed connected devices can provide a unique touchpoint to real-world operations and conditions. Only a few architectures and applications are designed to handle the constant streams of real-time events, sensor readings, user interactions and application data produced by massive numbers of connected devices. Use Splunk to collect, index and harness the power of the machine data generated by connected devices and machines deployed on your local network or around the world.
The document is a presentation about using Splunk for IT operations. It demonstrates how Splunk can be used to monitor applications and services, correlate issues across different tiers, create tickets and alerts when issues arise, and provide operational visibility and intelligence. Live demonstrations show searching log data to diagnose a webstore issue, visualizing applications and services, and setting up an alert to be proactively notified of database query performance problems.
This document provides an overview of how Splunk can be used to gain operational intelligence from machine data. It demonstrates how Splunk allows users to search machine data, correlate infrastructure entities with applications and services, monitor applications and services, and create tickets and alerts. Specifically, it shows how a user can search log data to troubleshoot a phone call about application issues, map entities to applications and services, view related dashboards, and ultimately create a ticket and scheduled alert to notify teams proactively about long database queries.
Splunk Discovery: Milan 2018 - Delivering New Visibility and Analytics for IT... Splunk
The document discusses Splunk's platform for machine data and operational intelligence. It summarizes Splunk's capabilities for indexing and analyzing untapped machine data from any source or location. It describes how Splunk helps customers gain operational visibility, proactive monitoring, and real-time business insights. The document also provides examples of Splunk customers who achieved dramatic results and rapid ROI across various industries such as healthcare, retail, online services, and technology.
Protect & Defend Your Critical Infrastructure Q1 Labs
This document discusses a partnership between Q1 Labs and Sourcefire to integrate their security solutions. It provides overviews of each company and their solutions. It then discusses how their integration provides security intelligence and compliance capabilities across the critical infrastructure lifecycle from risk management to post-exploit remediation. Specific examples of how their integrated solutions support NERC-CIP compliance requirements and provide threat detection capabilities for the energy and utilities sector are also summarized.
Partner Exec Summit 2018 - Frankfurt: Splunk Business Flow Beta Splunk
Splunk is conducting a beta test of its new Business Flow product to provide unified, real-time visibility into complex business processes and customer journeys across different data sources; the beta involves an initial setup session to configure data sources and visualize processes, followed by a follow up session to gather feedback on what is working well and opportunities for improvement; the goal is to help customers gain end-to-end visibility into critical workflows and discover insights to benefit their business and IT operations.
Cisco Connect 2018 Indonesia - Delivering intent for data center networking NetworkCollaborators
The document discusses Cisco's approach to intent-based networking for data centers. It describes how modern data centers are increasingly complex with distributed applications and microservices. It introduces Cisco's intent lifecycle approach, which includes automation, analytics, assurance, and policy to guarantee consistency and compliance with intent. Key components of Cisco's solution include Application Centric Infrastructure (ACI), Tetration for visibility and segmentation, and the Network Assurance Engine for continuously validating the network configuration matches intent through mathematical modeling.
Razi Asaduddin presented on how ExxonMobil uses Splunk for various purposes including cyber security, network and application performance monitoring, and capacity planning. Some key points included how Splunk has allowed ExxonMobil to gain visibility and insights across data that was previously siloed, and how their use of Splunk has evolved from one-dimensional searches to multi-dimensional pivoting and visualization. Razi also shared best practices like starting with simple questions and gradually building complexity, as well as methods for policing Splunk usage within the organization.
Steven Hatch is the Enterprise Logging Services Manager at Cox Automotive, leading an international rollout of Splunk across the company. Cox Automotive is a leading provider of automotive products and services with over 20 brands. Splunk ITSI helps transform technical details at Cox Automotive into intelligence and actionable events to simplify complex issues for users without an extensive Splunk background. The next steps are to train more DevOps and business partners on ITSI and continuously integrate it throughout Cox Automotive.
Splunk for Monitoring and Diagnostics in the Industrial Environment Splunk
Splunk is a software platform that allows users to gain real-time insights from industrial machine data. It collects, indexes, enriches, and analyzes data from sensors and industrial assets. Splunk helps users monitor equipment performance, detect anomalies, avoid downtime, and optimize manufacturing processes. The presentation demonstrates how Splunk has helped a semiconductor manufacturer improve yields, increase uptime, expand reporting capabilities, and decrease operating expenses by analyzing data from their fabrication facilities.
Cisco Connect 2018 Indonesia - Building a secure data center NetworkCollaborators
This document discusses how Cisco Tetration Analytics can strengthen data center security. It provides an overview of Tetration Analytics, which uses machine learning to gain visibility into all network traffic and identify anomalies. This helps users establish a baseline, detect outliers, and create automated whitelisting policies to lock down systems. The document also reviews Tetration's deployment options, data sources, use cases, and integration with the broader Cisco security ecosystem.
Meaningful Lawful Intercept (LI) demands the capture and analysis of 100 percent of the traffic crossing a network—whether in 10G or 1G interfaces, or a combination. Sharon likens the challenge to “finding the needle in the haystack,”
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks Angeloluca Barba
A presentation given in April 2019 in London during ICS Cyber Security Conference. I discuss an anonymized investigation conducted by our team to identify a real malware infection on a production network, the tools and techniques used to contain this threat and how to use threat intelligence and visibility to stay ahead of cyber adversaries.
Asset visibility and network baselining
Continuous network monitoring
Threat intelligence ingestion
Thorough incident response plans
Digital forensics involves the scientific analysis of digital evidence extracted from devices such as computers, laptops, mobiles, and storage devices. It aims to properly extract, analyze and document digital evidence for use in court. There are different stages including identifying purpose and resources, analyzing data using tools, interpreting results, documenting conclusions, and securing data for future use as evidence. Various branches of digital forensics examine different sources of digital evidence, such as network traffic and logs, firewall logs, databases, mobile devices, and email servers and accounts. Specialized tools are used to extract valuable information from these sources and assist with investigations.
Lessons v on fraud awareness (digital forensics) [autosaved] Kolluru N Rao
Digital forensics is the scientific process of analyzing digital evidence from computers, mobile devices, and other electronic storage mediums. It involves securely acquiring and preserving digital evidence, extracting and analyzing relevant information, and documenting the process to present findings in a court of law. The key stages of digital forensics are identification, collection, analysis, interpretation, documentation and presentation of digital evidence. There are several branches of digital forensics including network forensics, firewall forensics, database forensics, mobile device forensics, and email forensics. Maintaining a proper chain of custody is also important to ensure digital evidence remains untampered and admissible in court.
Using machine learning algorithms to detect frauds in telephone networks during pandemic
Telephone fraud costs companies billions each year. This document proposes using machine learning algorithms to analyze voice traffic data from telephone networks to detect fraud. It involves collecting call data records, preprocessing the data, applying dimension reduction techniques and machine learning models like logistic regression and random forests to identify fraudulent calls. Implementing these algorithms could help telecom companies reduce financial losses, detect fraud earlier, and prevent network congestion from fraudulent traffic.
Data mining in telecommunication industry harshu966
The document discusses how data mining techniques are widely used in the telecommunications industry. Some key points:
1) Telecom companies generate huge amounts of data from operational systems that can be used to solve business problems. Data mining and business intelligence are applied to call detail records, network data, and customer information.
2) Applications include fraud detection by comparing customer calling patterns to profiles, and marketing/customer profiling by segmenting large customer databases.
3) Network fault isolation automatically analyzes alarm messages to identify issues.
4) Common techniques include k-means clustering, which groups customer data into classes based on similarity to identify patterns and segment customers for targeted campaigns. Call detail records can be clustered to analyze
World of Signals - Devices - Connectivity - Signals - RF - Cyber Security. Jan Geirnaert
This is a simple presentation I did towards a non-technical audience as part of a seminar on Cyber Security in Malaysia - Kuala Lumpur. It covers a wide range of specific topics relating to cyber security issues. We are all connected to a huge amount of devices and the attack vector is growing, widening. Building walls and fences is not enough. There is a lack of On The Ground Cyber Security...
As technology transforms the legal practice, electronically stored information (ESI) has replaced the paper evidence as the lawyer’s primary stock in trade. This is the future of the legal profession. Far more information is retained by a computer than most people realize. Without the right tools and techniques to preserve, examine and extract data, legal officers run the risk of losing something important, rendering what you find inadmissible, or even causing spoliation of evidence.
In this presentation to Uganda Law Society members, Mustapha B Mugisa (www.mustaphamugisa.com) explores the skills prosecutors and investigators must master in order to perform their jobs effectively. By reading this presentation to the end, you will learn more about forensics and its new developments than most people know.
Digital Forensics Training Bootcamp (Systems Engineering ) Part - Tonex Training Bryan Len
Digital forensics is the application of scientific investigative techniques to digital crimes and attacks. It is an essential part of law and business in the internet age and can be a rewarding and lucrative career path.
Beyond the legal aspects involved in digital forensics, people are often surprised to learn that the profession draws on numerous scientific principles, methodologies and techniques.
Several skills are required for a successful career in digital forensics; foremost is technical aptitude. A sound understanding of how digital devices work, technical concepts, networking, and experience with computer systems are the essential technical skills expected of those working in digital forensics.
This can be broken down further:
Digital Comprehension:
A digital forensic expert needs to work with various endpoints, for example, cell phones, printers, IoT (Internet of Things) devices, USB devices, external hard drives, iPads, tablets and digital cameras.
Networking:
Knowledge of computer networking, LANs and servers is critical. As an investigator, you should know networking concepts and connectivity, since the examination won't be limited to the individual system; every system connected to the LAN must be inspected.
Operating System Knowledge:
Knowing your way around the different computer operating systems is key to cybercrime investigations. Android and Windows are the basic operating systems in cell phones, though other endpoint devices may run a different OS, which you should be able to operate.
Want to learn more?
Tonex offers Digital Forensics Training Bootcamp, an exceptional 2-day course intended to prepare digital forensics examiners, analysts and fraud investigators; students are taught electronic discovery and advanced digital forensic techniques.
This course is essential for anyone encountering digital forensics and evidence while conducting an investigation. Furthermore, Tonex offers about 400 classes, courses and workshops in nearly four dozen categories of systems engineering training.
Request more information regarding the digital forensics training bootcamp. For more information, questions or comments, contact Tonex training. Visit tonex.com
Digital Forensics Training Bootcamp, Systems Engineering
https://www.tonex.com/digital-forensics-training-bootcamp-systems-engineering/
Brochure of International College For Security Studies. Learn and get trained by professional experts and discover the cyber security industry.
For more, visit us at https://icssindia.org
https://cyber.icssindia.org
Tecomex Forensics Ltd is a digital forensics and network security company that offers flexible services including digital forensics analysis, network penetration testing, security training, and applied research. Their services are tailored to each client's specific needs and budget. They have experts that can analyze requirements to design cost-effective solutions. Tecomex also provides certified training courses in digital forensics, security, and ethics to help professionals in law enforcement and other fields. In addition, they conduct independent research focused on areas like intrusion detection, cloud security, and forensics provenance to advance the fields of digital forensics and network security.
This document discusses the concept of stateless security architecture. It notes that traditional security models are broken due to changes in business, data, and technology models. Factors like increased mobility, BYOD, and cloud computing are driving the need for a stateless model where security controls are decoupled from infrastructure and trust is dynamically assessed. The document outlines four steps to building a stateless architecture, including leveraging ecosystem capabilities, and provides examples of how stateless identity management and encryption could work. Key benefits of stateless security include agile, contextual protection of data regardless of location and ability to change infrastructure without rebuilding protections.
Intense and wide workshop on major voice encryption technologies for private, business, military, public safety and internet.
Strong review of wiretapping technical and political context.
iPads on your network? Take Control with Unified Policy and Management Cisco Mobility
Employees are bringing tablets and smartphones onto corporate networks, increasing IT workload without adding resources. See how the Cisco Identity Services Engine and Cisco Prime Network Control System will help IT take control of the onslaught of mobile devices entering the network. Learn more: http://cisco.com/go/wireless
AI in the Enterprise: Past, Present & Future - StampedeCon AI Summit 2017 StampedeCon
This document discusses AI in the enterprise from past, present, and future perspectives. It provides an overview of the history and recent developments in AI and deep learning, including improved performance on tasks like image recognition. Case studies are presented showing how various large companies have successfully applied deep learning techniques like convolutional neural networks to problems in different industries involving computer vision, predictive maintenance, fraud detection, and more. The importance of data quantity for deep learning performance is highlighted. The final sections discuss challenges in AI adoption and the importance of piloting models before full production deployment.
Cyber innovation without a new product to buy-Michael Boeckx - cybersec europ... NRBsanv
In a changing world of threats and threat actors, we find ourselves bombarded with new technology hypes and toolsets.
Security tooling is like emotional eating: you feel good for a while, but in the end you are not in a better position.
This presentation addresses common questions such as how to differentiate between hype and reality, how to keep up with a limited budget, what is your security maturity level and how to fit this in a regulatory and compliance context.
In the board room these questions pop up on a regular basis; let's bring you through the journey of how to answer and make it work, presenting a customer success story.
The document discusses network packet reconstruction technology for computer forensics and information security. It summarizes Decision Group's product offerings which allow capturing, organizing, and replaying network packets for analysis. It also outlines their research and development history and customer base.
Securing Your Intellectual Property: Preventing Business IP Leaks Hokme
Let us delve into strategies to safeguard your business's intellectual property (IP) and avoid leaks. Explore how Confiex's Virtual Data Room acts as a fortress against unauthorized access, ensuring your sensitive data and valuable IP remain protected at all times.
Source- https://confiexdataroom.com/blog/data-room/virtual-data-room/how-to-avoid-business-ip-leaks/
Similar to SplunkLive! Utrecht 2018 - Customer presentation: POST Luxembourg (20)
.conf Go 2023 - Raiffeisen Bank International Splunk
This document discusses standardizing security operations procedures (SOPs) to increase efficiency and automation. It recommends storing SOPs in a code repository for versioning and referencing them in workbooks which are lists of standard tasks to follow for investigations. The goal is to have investigation playbooks in the security orchestration, automation and response (SOAR) tool perform the predefined investigation steps from the workbooks to automate incident response. This helps analysts automate faster without wasting time by having standard, vendor-agnostic procedures.
.conf Go 2023 - The right recipe for the digital (Security) revolution to... Splunk
.conf Go 2023 presentation:
"The right recipe for the digital (Security) revolution towards Telematics Infrastructure 2.0 in healthcare?"
Speaker: Stefan Stein -
Team Lead CERT | gematik GmbH, M.Eng. IT Security & Forensics,
doctoral student at TH Brandenburg & Universität Dresden
The document describes Cellnex's transition from a Security Operations Center (SOC) to a Security Incident Response Team (CSIRT). The transition was driven by Cellnex's growth and the need to automate processes and tasks to improve efficiency. Cellnex implemented Splunk SIEM and SOAR to automate the creation, remediation and closure of incidents. This allowed staff to concentrate on strategic tasks and improve KPIs such as resolution times and emails anal
conf go 2023 - The road to cybersecurity (ABANCA) Splunk
This document summarizes ABANCA's journey on its road to cybersecurity with Splunk, from the addition of dedicated profiles in 2016 to becoming a monitoring and response center with more than 1TB of daily ingest and 350 use cases aligned with MITRE ATT&CK. It also describes mistakes made and solutions implemented, such as normalization of sources and operator training, and the current pillars such as automation, visibility and alignment with MITRE ATT&CK. Finally, it points out challenges
Splunk - BMW connects business and IT with data driven operations SRE and O11y Splunk
BMW is defining the next level of mobility - digital interactions and technology are the backbone to continued success with its customers. Discover how an IT team is tackling the journey of business transformation at scale whilst maintaining (and showing the importance of) business and IT service availability. Learn how BMW introduced frameworks to connect business and IT, using real-time data to mitigate customer impact, as Michael and Mark share their experience in building operations for a resilient future.
The document is a presentation on cyber security trends and Splunk security products from Matthias Maier, Product Marketing Director for Security at Splunk. The presentation covers trends in security operations like the evolution of SOCs, new security roles, and data-centric security approaches. It also provides updates on Splunk's security portfolio including recognition as a leader in SIEM by Gartner and growth in the SIEM market. Maier highlights some breakout sessions from the conference on topics like asset defense, machine learning, and building detections.
Data foundations building success, at city scale – Imperial College London Splunk
Universities have more in common with modern cities than traditional places of learning. This mini city needs to empower its citizens to thrive and achieve their ambitions. Operationalising data is key to building critical services; from understanding complex IT estates for smarter decision-making to robust security and a more reliable, resilient student experience. Juan will share his experience in building data foundations for a resilient future whilst enabling digital transformation at Imperial College London.
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen... Splunk
Learn how Vodafone has provided end-to-end visibility across services by building an Operational Analytics Platform. In this session, you will hear how Stefan and his team manage legacy, on premise, hybrid and public cloud services, and how they are providing a platform for complex triage and debugging to tackle use cases across Vodafone’s extensive ecosystem.
.italo operates an Essential Service by connecting more than 100 million people annually across Italy with its super fast and secure railway. And CISO Enrico Maresca has been on a whirlwind journey of his own.
Formerly a Cyber Security Engineer, Enrico started at .italo as an IT Security Manager. One year later, he was promoted to CISO and tasked with building out – and significantly increasing the maturity level – of the SOC. The result was a huge step forward for .italo.
So how did he successfully achieve this ambitious ask? Join Enrico as he reveals the key insights and lessons learned in his SOC journey, including:
Top challenges faced in improving security posture
Key KPIs implemented in order to measure success
Strategies and approaches applied in the SOC
How MITRE ATT&CK and Splunk Enterprise Security were utilised
Next steps in their maturity journey ahead
This document summarizes a presentation about observability using Splunk. It includes an agenda introducing observability and why Splunk for observability. It discusses the need for modernization initiatives in companies and the thousands of changes required. It presents that Splunk provides end-to-end visibility across metrics, traces and logs to detect, troubleshoot and optimize systems. It shares a customer case study of Accenture using Splunk observability in their hybrid cloud environment. Finally, it concludes that observability with Splunk can drive results like reduced downtime and faster innovation.
This document contains slides from a Splunk presentation covering the following topics:
- Updated Splunk logo and information about meetings in Zurich and sales engineering leads
- Ideas for confused or concerned human figures in design concepts
- Three buckets of challenges around websites slowing, apps being down, and supply chain issues
- Accelerating mean time to detect, identify, respond and resolve through cyber resilience with Splunk
- Unifying security, IT and DevOps teams
- Splunk's technology vision focusing on customer experience, hybrid/edge, unleashing data lakes, and ubiquitous machine learning
- Gaining operational resilience through correlating infrastructure, security, application and user data with business outcomes
This document summarizes a presentation about Splunk's platform. It discusses Splunk's mission of helping customers create value faster with insights from their data. It provides statistics on Splunk's daily ingest and users. It highlights examples of how Splunk has helped customers in areas like internet messaging and convergent services. It also discusses upcoming challenges and new capabilities in Splunk like federated search, flexible indexing, ingest actions, improved data onboarding and management, and increased platform resilience and security.
The document appears to be a presentation from Splunk on security topics. It includes sections on cyber security resilience, the data-centric modern SOC, application monitoring at scale, threat modeling, security monitoring journeys, self-service Splunk infrastructure, the top 3 CISO priorities of risk based alerting, use case development, a security content repository, security PVP (posture, vision, and planning) and maturity assessment, and concludes with an overview of how Splunk can provide end-to-end visibility across an organization.
Best 20 SEO Techniques To Improve Website Visibility In SERP Pixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
GraphRAG for Life Science to increase LLM accuracy Tomaz Bratanic
GraphRAG for the life science domain, where you retrieve information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers.
Driving Business Innovation: Latest Generative AI Advancements & Success Story Safe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin... Tatiana Kojar
Skybuffer AI, built on the robust SAP Business Technology Platform (SAP BTP), is the latest and most advanced version of our AI development, reaffirming our commitment to delivering top-tier AI solutions. Skybuffer AI harnesses all the innovative capabilities of the SAP BTP in the AI domain, from Conversational AI to cutting-edge Generative AI and Retrieval-Augmented Generation (RAG). It also helps SAP customers safeguard their investments into SAP Conversational AI and ensure a seamless, one-click transition to SAP Business AI.
With Skybuffer AI, various AI models can be integrated into a single communication channel such as Microsoft Teams. This integration empowers business users with insights drawn from SAP backend systems, enterprise documents, and the expansive knowledge of Generative AI. And the best part of it is that it is all managed through our intuitive no-code Action Server interface, requiring no extensive coding knowledge and making the advanced AI accessible to more users.
Dive into the realm of operating systems (OS) with Pravash Chandra Das, a seasoned Digital Forensic Analyst, as your guide. 🚀 This comprehensive presentation illuminates the core concepts, types, and evolution of OS, essential for understanding modern computing landscapes.
Beginning with the foundational definition, Das clarifies the pivotal role of OS as system software orchestrating hardware resources, software applications, and user interactions. Through succinct descriptions, he delineates the diverse types of OS, from single-user, single-task environments like early MS-DOS iterations, to multi-user, multi-tasking systems exemplified by modern Linux distributions.
Crucial components like the kernel and shell are dissected, highlighting their indispensable functions in resource management and user interface interaction. Das elucidates how the kernel acts as the central nervous system, orchestrating process scheduling, memory allocation, and device management. Meanwhile, the shell serves as the gateway for user commands, bridging the gap between human input and machine execution. 💻
The narrative then shifts to a captivating exploration of prominent desktop OSs, Windows, macOS, and Linux. Windows, with its globally ubiquitous presence and user-friendly interface, emerges as a cornerstone in personal computing history. macOS, lauded for its sleek design and seamless integration with Apple's ecosystem, stands as a beacon of stability and creativity. Linux, an open-source marvel, offers unparalleled flexibility and security, revolutionizing the computing landscape. 🖥️
Moving to the realm of mobile devices, Das unravels the dominance of Android and iOS. Android's open-source ethos fosters a vibrant ecosystem of customization and innovation, while iOS boasts a seamless user experience and robust security infrastructure. Meanwhile, discontinued platforms like Symbian and Palm OS evoke nostalgia for their pioneering roles in the smartphone revolution.
The journey concludes with a reflection on the ever-evolving landscape of OS, underscored by the emergence of real-time operating systems (RTOS) and the persistent quest for innovation and efficiency. As technology continues to shape our world, understanding the foundations and evolution of operating systems remains paramount. Join Pravash Chandra Das on this illuminating journey through the heart of computing. 🌟
Generating privacy-protected synthetic data using Secludy and Milvus Zilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Main news related to the CCS TSI 2023 (2023/1695) Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers akankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Trusted Execution Environment for Decentralized Process Mining LucaBarbaro3
Presentation of the paper "Trusted Execution Environment for Decentralized Process Mining" given during the CAiSE 2024 Conference in Cyprus on June 7, 2024.
Letter and Document Automation for Bonterra Impact Management (fka Social Sol... Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on automated letter generation for Bonterra Impact Management using Google Workspace or Microsoft 365.
Interested in deploying letter generation automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Building Production Ready Search Pipelines with Spark and Milvus Zilliz
Spark is a widely used ETL tool for processing, indexing and ingesting data into the serving stack for search. Milvus is a production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to the Milvus vector database for search serving.
This presentation provides valuable insights into effective cost-saving techniques on AWS. Learn how to optimize your AWS resources by rightsizing, increasing elasticity, picking the right storage class, and choosing the best pricing model. Additionally, discover essential governance mechanisms to ensure continuous cost efficiency. Whether you are new to AWS or an experienced user, this presentation provides clear and practical tips to help you reduce your cloud costs and get the most out of your budget.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
3. My Background and Role
▶ Data Scientist and Security Architect at Post Luxembourg
▶ Machine learning, computer security, software engineering
▶ Security blue team:
▶ Visibility, Intelligence, and Action
▶ Innovation
▶ “Splunk> see the forest, and the trees”
Cu D. Nguyen, Ph.D.
5. PBX hacking
What is a PBX?
▶ A telephone system within an enterprise
▶ Switching calls among local users and sharing external phone lines
And when it’s hacked, what happens?
▶ Attackers/fraudsters control the PBX, making premium rate (expensive) calls
6. A deep-dive into a PBX hacking fraud
Hacked phone numbers
Premium phone numbers owned by fraudsters
7. A deep-dive into a PBX hacking fraud
A well-organized crime:
• 19 calling numbers from the hacked PBX
• 1000+ destination numbers all over the world
• Cost ~50K euros if not handled
8. What we’ve learned
Fraudsters are well-organized and evolving
Running AFTER them, we need to be FAST and PRECISE!
BigData Analytics
Machine Learning
Automation
9. Why Splunk?
Comprehensive Quality & Governance
▶ Filtering
▶ Anonymizing
▶ Parsing
▶ Enriching
▶ Role-based access control
▶ Auditability
Extendibility and Scalability
▶ Scalable in a linear fashion
▶ Apps & TAs
hours
weeks
10. Splunk at Post Luxembourg
Spam/Fraud detectors
Voice
Mobile & Fix
SMS/MMS
Block/unblock API
On Telecom Gateways
Network
CDRs
Machine learning
IT DDoS
TIDS DevOps
• 62.5M events/day
• Approx. filtered 80GB/day
Fraud management GUI
11. Fraud detection using machine learning
Use historical data for training models (detectors)
Use the trained models for classifying new data
Frequent retraining to catch new patterns
Image source: http://www.cognub.com/index.php/cognitive-platform/
12. Fraud detection using Splunk ML Toolkit
normal cases
frauds
Features: number of calls, number of targets, destination countries, cost, duration, …
Models: Random Forest (+ statistical models)
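The per-caller features listed on this slide can be computed directly from call detail records. The following is an added example, not code from the presentation or from Post Luxembourg: it is plain Python rather than the Splunk ML Toolkit, it uses a median/MAD outlier score as a stand-in for the "statistical models" the slide mentions (not the Random Forest), and the CDR layout, extension names, thresholds and function names are all assumptions.

```python
from collections import defaultdict
from statistics import median

def build_cdrs():
    """Constructed CDRs: (caller, destination, dest_country, duration_s, cost_eur)."""
    cdrs = []
    for i in range(8):  # normal extensions: a few domestic calls each
        for j in range(3 + i % 3):
            cdrs.append((f"ext-10{i}", f"dest-{(i + j) % 5}", "LU", 120 + 10 * j, 0.05))
    for j in range(60):  # one abused extension: many costly calls, many countries
        cdrs.append(("ext-199", f"premium-{j}", f"country-{j % 12}", 45, 2.50))
    return cdrs

def extract_features(cdrs):
    """Aggregate the slide's features per calling number."""
    agg = defaultdict(lambda: {"calls": 0, "targets": set(), "countries": set(),
                               "cost": 0.0, "duration": 0})
    for caller, dest, country, duration, cost in cdrs:
        a = agg[caller]
        a["calls"] += 1
        a["targets"].add(dest)
        a["countries"].add(country)
        a["cost"] += cost
        a["duration"] += duration
    return {c: {"calls": a["calls"], "targets": len(a["targets"]),
                "countries": len(a["countries"]), "cost": round(a["cost"], 2),
                "duration": a["duration"]} for c, a in agg.items()}

def robust_scores(features, key):
    """Modified z-score (median/MAD), which a single extreme caller cannot skew."""
    values = [f[key] for f in features.values()]
    med = median(values)
    mad = median(abs(v - med) for v in values) or 1.0  # all-equal column: avoid /0
    return {c: 0.6745 * (f[key] - med) / mad for c, f in features.items()}

def flag_callers(features, keys=("calls", "targets", "countries", "cost"),
                 threshold=3.5, min_hits=3):
    """Flag callers that are high outliers on at least min_hits features."""
    scores = {k: robust_scores(features, k) for k in keys}
    return sorted(c for c in features
                  if sum(scores[k][c] > threshold for k in keys) >= min_hits)

if __name__ == "__main__":
    feats = extract_features(build_cdrs())
    for caller in flag_callers(feats):
        print(caller, feats[caller])
```

Requiring several features to be outliers at once keeps a single busy but legitimate extension from being flagged on call volume alone.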
14. What’s next?
▶ Evolving telco frauds meet evolving solutions
▶ Faster
▶ Broader, covering more cases
▶ Smarter, being more precise and dealing with new patterns
▶ Machine learning
▶ From supervised to semi-supervised or unsupervised, in collaboration with the University of Luxembourg
▶ AutoML (algorithm selection and hyperparameter tuning)