SlideShare uma empresa Scribd logo

Partner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOAR

Transferir como PPTX, PDF
Splunk
Splunk

Presentation from the Partner Executive Summit, Frankfurt, 21. November 2018

Tecnologia
1 de 25
© 2017 SPLUNK INC. Analytics-Driven Security und Security Orchestration Automation And Response Angelo Brancato CISSP, CISM, CCSK | Security Specialist, EMEA NOVEMBER 21ST, FRANKFURT AM MAIN
© 2017 SPLUNK INC. During the course of this presentation, we may make forward-looking statements regarding future events or the expected performance of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward-looking statements, please review our filings with the SEC. The forward-looking statements made in this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, this presentation may not contain current or accurate information. We do not assume any obligation to update any forward looking statements we may make. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionality described or to include any such feature or functionality in a future release. Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2017 Splunk Inc. All rights reserved. Forward-Looking Statements
© 2017 SPLUNK INC. Splunk turns machine data into answers Network Servers DevOps Users Cloud Security Databases O F T H E Same Data D I F F E R E N T People A S K I N G D I F F E R E N T Questions
© 2017 SPLUNK INC. Splunk was built for change from the beginning Send unstructured data from all systems, devices and people Splunk doesn’t structure your data until you start to ask it questions Suite of tools empower you to investigate, monitor and act on any data, anywhere Ideal to detect everchanging cyber attacks
THREATS ARE MORE COMPLEX AND FAR REACHING NOT CLOSING THE SKILLS GAP SECURITY TO ENABLE BUSINESS AND THE MISSION
T I E R 1 A N A LY S T W O R K W I L L B E A U T O M AT E D T I M E N O W S P E N T T U N I N G D E T E C T I O N A N D R E S P O N S E L O G I C P L AT F O R M T O O R C H E S T R AT E T H E M A L L 90% 50% 1
© 2018 SPLUNK INC. Splunk Security Portfolio DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data
© 2018 SPLUNK INC. Splunk Security Portfolio DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data Search and Investigate Proactive Monitoring and Alerting Security Situational Awareness Real-time Risk Insight & Automation Reactive Proactive Level 1 Level 2 Level 3 Level 4
© 2017 SPLUNK INC. Search and Investigate Proactive Monitoring and Alerting Security Situational Awareness Real-time Risk Insight & Automation Reactive Proactive Level 1 Level 2 Level 3 Level 4 DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data + Free Apps 125+ Examples, with 180+ Searches Data Onboarding Guides Content Mapping (MITRE ATT&CK, Killchain etc.) Mapping to Premium Apps On-Prem, Cloud, SaaS or Hybrid Performance at Scale Open Ecosystem Native ML/AI Integration
© 2017 SPLUNK INC. Search and Investigate Proactive Monitoring and Alerting Security Situational Awareness Real-time Risk Insight & Automation Reactive Proactive Level 1 Level 2 Level 3 Level 4 DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data + Free Apps ... Many great, free Apps to solve a specific Problem
© 2017 SPLUNK INC. Search and Investigate Proactive Monitoring and Alerting Security Situational Awareness Real-time Risk Insight & Automation Reactive Proactive Level 1 Level 2 Level 3 Level 4 DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data ASSET AND IDENTITY CORRELATION NOTABLE EVENT & INVESTIGATION THREAT INTELLIGENCE RISK ANALYSIS ADAPTIVE RESPONSE CONTENT UPDATE +
© 2017 SPLUNK INC. Search and Investigate Proactive Monitoring and Alerting Security Situational Awareness Real-time Risk Insight & Automation Reactive Proactive Level 1 Level 2 Level 3 Level 4 DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data + MATHMATICAL STATISTICAL CALCULATION ANOMALIES / PREDICTION ANALYTICS DRIVEN SECURITY Correlations and notable events EVENT & INFORMATION CORRELATION RISK
© 2017 SPLUNK INC. Event Sequencing to optimize threat detection and accelerate investigation Use Case Library for faster detection and incident response Updated Investigation Workbench to reduce time to contain and remediate .Conf2018 Release Splunk Enterprise Security 5.2
© 2017 SPLUNK INC. Search and Investigate Proactive Monitoring and Alerting Security Situational Awareness Real-time Risk Insight & Automation Reactive Proactive Level 1 Level 2 Level 3 Level 4 DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data + + Realm of Known Realm of Unknown
© 2017 SPLUNK INC. Splunk-to-Kafka UBA ingestion for enhanced performance and reliability User Feedback Learning to improve threat detection and anomaly customization Native UBA SSO authentication support for IAM tools .Conf2018 Release Splunk User Behavior Analytics 4.2
© 2017 SPLUNK INC. Search and Investigate Proactive Monitoring and Alerting Security Situational Awareness Real-time Risk Insight & Automation Reactive Proactive Level 1 Level 2 Level 3 Level 4 DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data + +
© 2017 SPLUNK INC. Search and Investigate Proactive Monitoring and Alerting Security Situational Awareness Real-time Risk Insight & Automation Reactive Proactive Level 1 Level 2 Level 3 Level 4 DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data + + Optional Optional
Decision Making Acting SIEM THREAT INTEL PLATFORM HADOOP GRC AUTOMATED MANUAL (TODAY) FIREWALL IDS / IPS ENDPOINT WAF ADVANCED MALWARE FORENSICS MALWARE DETONATION FIREWALL IDS / IPS ENDPOINT WAF ADVANCED MALWARE FORENSICS MALWARE DETONATION TIER 1 TIER 2 TIER 3 Observe Point Products Orient Analytics SOAR for Security Operations Faster execution through the loop yields better security
Decision Making Acting SIEM THREAT INTEL PLATFORM HADOOP GRC AUTOMATED AUTOMATED WITH PHANTOM FIREWALL IDS / IPS ENDPOINT WAF ADVANCED MALWARE FORENSICS MALWARE DETONATION FIREWALL IDS / IPS ENDPOINT WAF ADVANCED MALWARE FORENSICS MALWARE DETONATION TIER 1 TIER 2 TIER 3 Observe Point Products Orient Analytics SOAR for Security Operations Faster execution through the loop yields better security ACTION RESULTS / FEEDBACK LOOP
© 2017 SPLUNK INC. SplunkSANDBOX QUERY RECIPIENTS USER PROFILE HUNT FILE HUNT FILE FILE REPUTATION FILE ASSESSMENT RUN PLAYBOOK “REMEDIATE" EMAIL ALERT Automated Malware Investigation “Automation with Phantom enables us to process malware email alerts in about 40 seconds vs. 30 minutes or more.” Adam Fletcher CISO, Blackstone A Phantom Case Study
© 2017 SPLUNK INC. Clustering support for scale, performance and redundancy Indicator View for improved threat analysis and hunting Integrated Splunk Search, the only SOAR platform with this capability ANNOUNCING Splunk Phantom 4.1
© 2017 SPLUNK INC. Cloud Security Endpoints Orchestration WAF & App Security Threat Intelligence Network Web Proxy Firewall Identity and Access The thought process The intuition The reflexes Machine Learning & Adaptive Operations & Analytics Driven Security & Splunk as the Security Nerve Center
© 2017 SPLUNK INC. Cloud Security Endpoints Orchestration WAF & App Security Threat Intelligence Network Web Proxy Firewall Identity and Access The thought process The intuition The reflexes Machine Learning & Adaptive Operations & Analytics Driven Security & Splunk as the Security Nerve Center T I E R 1 A N A LY S T W O R K W I L L B E A U T O M AT E D T I M E N O W S P E N T T U N I N G D E T E C T I O N A N D R E S P O N S E L O G I C P L AT F O R M T O O R C H E S T R AT E T H E M A L L 90% 50% 1
© 2017 SPLUNK INC. SPLUNK User Behavior Analytics 4.2 SPLUNK Enterprise Security 5.2 SPLUNK Phantom 4.1 Event Sequencing Accelerate Investigation User Feedback Targeted Hunting Indicator View Faster Remediation Use Case Library Container-Based Architecture Clustering Support User Management UI SECURITY PREMIUM APPS – Conf18 Releases
© 2017 SPLUNK INC. THANK YOU!

Recomendados

Partner Exec Summit 2018 - Frankfurt: Splunk Business Flow Beta
Partner Exec Summit 2018 - Frankfurt: Splunk Business Flow BetaPartner Exec Summit 2018 - Frankfurt: Splunk Business Flow Beta
Partner Exec Summit 2018 - Frankfurt: Splunk Business Flow BetaSplunk
 
Splunk Phantom SOAR Roundtable
Splunk Phantom SOAR RoundtableSplunk Phantom SOAR Roundtable
Splunk Phantom SOAR RoundtableSplunk
 
Partner Exec Summit 2018 - Frankfurt: Splunk for Industrial IoT
Partner Exec Summit 2018 - Frankfurt: Splunk for Industrial IoTPartner Exec Summit 2018 - Frankfurt: Splunk for Industrial IoT
Partner Exec Summit 2018 - Frankfurt: Splunk for Industrial IoTSplunk
 
Travis Perkins at Gartner Risk and Security Management Summit Europe
Travis Perkins at Gartner Risk and Security Management Summit EuropeTravis Perkins at Gartner Risk and Security Management Summit Europe
Travis Perkins at Gartner Risk and Security Management Summit EuropeSplunk
 
Splunk IT Service Intelligence Overview - AIOps Roundtable Bern
Splunk IT Service Intelligence Overview - AIOps Roundtable BernSplunk IT Service Intelligence Overview - AIOps Roundtable Bern
Splunk IT Service Intelligence Overview - AIOps Roundtable BernSplunk
 
SplunkLive! Utrecht 2018 - Customer presentation: Irdeto
SplunkLive! Utrecht 2018 - Customer presentation: Irdeto SplunkLive! Utrecht 2018 - Customer presentation: Irdeto
SplunkLive! Utrecht 2018 - Customer presentation: Irdeto Splunk
 
SplunkLive! Utrecht 2018 - Customer presentation: Dutch Tax Office
SplunkLive! Utrecht 2018 - Customer presentation: Dutch Tax Office SplunkLive! Utrecht 2018 - Customer presentation: Dutch Tax Office
SplunkLive! Utrecht 2018 - Customer presentation: Dutch Tax Office Splunk
 
Partner Exec Summit 2018 - Frankfurt: AIOps
Partner Exec Summit 2018 - Frankfurt: AIOpsPartner Exec Summit 2018 - Frankfurt: AIOps
Partner Exec Summit 2018 - Frankfurt: AIOpsSplunk
 

Recomendados

Partner Exec Summit 2018 - Frankfurt: Splunk Business Flow Beta
Partner Exec Summit 2018 - Frankfurt: Splunk Business Flow BetaPartner Exec Summit 2018 - Frankfurt: Splunk Business Flow Beta
Partner Exec Summit 2018 - Frankfurt: Splunk Business Flow BetaSplunk
 
Splunk Phantom SOAR Roundtable
Splunk Phantom SOAR RoundtableSplunk Phantom SOAR Roundtable
Splunk Phantom SOAR RoundtableSplunk
 
Partner Exec Summit 2018 - Frankfurt: Splunk for Industrial IoT
Partner Exec Summit 2018 - Frankfurt: Splunk for Industrial IoTPartner Exec Summit 2018 - Frankfurt: Splunk for Industrial IoT
Partner Exec Summit 2018 - Frankfurt: Splunk for Industrial IoTSplunk
 
Travis Perkins at Gartner Risk and Security Management Summit Europe
Travis Perkins at Gartner Risk and Security Management Summit EuropeTravis Perkins at Gartner Risk and Security Management Summit Europe
Travis Perkins at Gartner Risk and Security Management Summit EuropeSplunk
 
Splunk IT Service Intelligence Overview - AIOps Roundtable Bern
Splunk IT Service Intelligence Overview - AIOps Roundtable BernSplunk IT Service Intelligence Overview - AIOps Roundtable Bern
Splunk IT Service Intelligence Overview - AIOps Roundtable BernSplunk
 
SplunkLive! Utrecht 2018 - Customer presentation: Irdeto
SplunkLive! Utrecht 2018 - Customer presentation: Irdeto SplunkLive! Utrecht 2018 - Customer presentation: Irdeto
SplunkLive! Utrecht 2018 - Customer presentation: Irdeto Splunk
 
SplunkLive! Utrecht 2018 - Customer presentation: Dutch Tax Office
SplunkLive! Utrecht 2018 - Customer presentation: Dutch Tax Office SplunkLive! Utrecht 2018 - Customer presentation: Dutch Tax Office
SplunkLive! Utrecht 2018 - Customer presentation: Dutch Tax Office Splunk
 
Partner Exec Summit 2018 - Frankfurt: AIOps
Partner Exec Summit 2018 - Frankfurt: AIOpsPartner Exec Summit 2018 - Frankfurt: AIOps
Partner Exec Summit 2018 - Frankfurt: AIOpsSplunk
 
How a Leading Saudi Bank Matured Security to Better Partner the Business
How a Leading Saudi Bank Matured Security to Better Partner the BusinessHow a Leading Saudi Bank Matured Security to Better Partner the Business
How a Leading Saudi Bank Matured Security to Better Partner the BusinessSplunk
 
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018Splunk
 
Splunk Discovery: Milan 2018 - Delivering New Visibility and Analytics for IT...
Splunk Discovery: Milan 2018 - Delivering New Visibility and Analytics for IT...Splunk Discovery: Milan 2018 - Delivering New Visibility and Analytics for IT...
Splunk Discovery: Milan 2018 - Delivering New Visibility and Analytics for IT...Splunk
 
SplunkLive! Stockholm 2019 - Customer presentation: Norlys
SplunkLive! Stockholm 2019 - Customer presentation: Norlys SplunkLive! Stockholm 2019 - Customer presentation: Norlys
SplunkLive! Stockholm 2019 - Customer presentation: Norlys Splunk
 
SplunkLive! Stockholm 2018 - Customer presentation: Telia
SplunkLive! Stockholm 2018 - Customer presentation: Telia SplunkLive! Stockholm 2018 - Customer presentation: Telia
SplunkLive! Stockholm 2018 - Customer presentation: Telia Splunk
 
Introduction into Security Analytics Methods
Introduction into Security Analytics Methods Introduction into Security Analytics Methods
Introduction into Security Analytics Methods Splunk
 
SplunkLive! Stockholm 2019 - Customer presentation: ISS
SplunkLive! Stockholm 2019 - Customer presentation: ISS SplunkLive! Stockholm 2019 - Customer presentation: ISS
SplunkLive! Stockholm 2019 - Customer presentation: ISS Splunk
 
SplunkLive! London 2017 - Splunk Overview
SplunkLive! London 2017 - Splunk OverviewSplunkLive! London 2017 - Splunk Overview
SplunkLive! London 2017 - Splunk OverviewSplunk
 
Clear the Mist from your Clouds with Splunk
Clear the Mist from your Clouds with SplunkClear the Mist from your Clouds with Splunk
Clear the Mist from your Clouds with SplunkSplunk
 
Splunk Discovery: Milan 2018 - Intro to Security Analytics Methods
Splunk Discovery: Milan 2018 - Intro to Security Analytics MethodsSplunk Discovery: Milan 2018 - Intro to Security Analytics Methods
Splunk Discovery: Milan 2018 - Intro to Security Analytics MethodsSplunk
 
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...Splunk
 
SplunkLive! Paris 2018: Integrating Metrics and Logs
SplunkLive! Paris 2018: Integrating Metrics and LogsSplunkLive! Paris 2018: Integrating Metrics and Logs
SplunkLive! Paris 2018: Integrating Metrics and LogsSplunk
 
Financial Services Forum_New York, May 17, 2017
Financial Services Forum_New York, May 17, 2017Financial Services Forum_New York, May 17, 2017
Financial Services Forum_New York, May 17, 2017Splunk
 
SplunkLive! London 2017 - Build a Security Portfolio That Strengthens Your Se...
SplunkLive! London 2017 - Build a Security Portfolio That Strengthens Your Se...SplunkLive! London 2017 - Build a Security Portfolio That Strengthens Your Se...
SplunkLive! London 2017 - Build a Security Portfolio That Strengthens Your Se...Splunk
 
SplunkLive! Paris 2018: Splunk Overview
SplunkLive! Paris 2018: Splunk OverviewSplunkLive! Paris 2018: Splunk Overview
SplunkLive! Paris 2018: Splunk OverviewSplunk
 
Splunk Discovery: Milan 2018 - Splunk Overview
Splunk Discovery: Milan 2018 - Splunk OverviewSplunk Discovery: Milan 2018 - Splunk Overview
Splunk Discovery: Milan 2018 - Splunk OverviewSplunk
 
SplunkLive! Paris 2018: Plenary Session
SplunkLive! Paris 2018: Plenary SessionSplunkLive! Paris 2018: Plenary Session
SplunkLive! Paris 2018: Plenary SessionSplunk
 
Danfoss - Splunk for Vulnerability Management
Danfoss - Splunk for Vulnerability ManagementDanfoss - Splunk for Vulnerability Management
Danfoss - Splunk for Vulnerability ManagementSplunk
 
Drive More Value from your SOC Through Connecting Security to the Business
Drive More Value from your SOC Through Connecting Security to the BusinessDrive More Value from your SOC Through Connecting Security to the Business
Drive More Value from your SOC Through Connecting Security to the BusinessSplunk
 
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with SplunkSplunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with SplunkSplunk
 
SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...
SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...
SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...Splunk
 
Splunk live nyc_2017_sec_buildinganalyticsdrivensoc
Splunk live nyc_2017_sec_buildinganalyticsdrivensocSplunk live nyc_2017_sec_buildinganalyticsdrivensoc
Splunk live nyc_2017_sec_buildinganalyticsdrivensocRene Aguero
 

Mais conteúdo relacionado

Mais procurados

How a Leading Saudi Bank Matured Security to Better Partner the Business
How a Leading Saudi Bank Matured Security to Better Partner the BusinessHow a Leading Saudi Bank Matured Security to Better Partner the Business
How a Leading Saudi Bank Matured Security to Better Partner the BusinessSplunk
 
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018Splunk
 
Splunk Discovery: Milan 2018 - Delivering New Visibility and Analytics for IT...
Splunk Discovery: Milan 2018 - Delivering New Visibility and Analytics for IT...Splunk Discovery: Milan 2018 - Delivering New Visibility and Analytics for IT...
Splunk Discovery: Milan 2018 - Delivering New Visibility and Analytics for IT...Splunk
 
SplunkLive! Stockholm 2019 - Customer presentation: Norlys
SplunkLive! Stockholm 2019 - Customer presentation: Norlys SplunkLive! Stockholm 2019 - Customer presentation: Norlys
SplunkLive! Stockholm 2019 - Customer presentation: Norlys Splunk
 
SplunkLive! Stockholm 2018 - Customer presentation: Telia
SplunkLive! Stockholm 2018 - Customer presentation: Telia SplunkLive! Stockholm 2018 - Customer presentation: Telia
SplunkLive! Stockholm 2018 - Customer presentation: Telia Splunk
 
Introduction into Security Analytics Methods
Introduction into Security Analytics Methods Introduction into Security Analytics Methods
Introduction into Security Analytics Methods Splunk
 
SplunkLive! Stockholm 2019 - Customer presentation: ISS
SplunkLive! Stockholm 2019 - Customer presentation: ISS SplunkLive! Stockholm 2019 - Customer presentation: ISS
SplunkLive! Stockholm 2019 - Customer presentation: ISS Splunk
 
SplunkLive! London 2017 - Splunk Overview
SplunkLive! London 2017 - Splunk OverviewSplunkLive! London 2017 - Splunk Overview
SplunkLive! London 2017 - Splunk OverviewSplunk
 
Clear the Mist from your Clouds with Splunk
Clear the Mist from your Clouds with SplunkClear the Mist from your Clouds with Splunk
Clear the Mist from your Clouds with SplunkSplunk
 
Splunk Discovery: Milan 2018 - Intro to Security Analytics Methods
Splunk Discovery: Milan 2018 - Intro to Security Analytics MethodsSplunk Discovery: Milan 2018 - Intro to Security Analytics Methods
Splunk Discovery: Milan 2018 - Intro to Security Analytics MethodsSplunk
 
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...Splunk
 
SplunkLive! Paris 2018: Integrating Metrics and Logs
SplunkLive! Paris 2018: Integrating Metrics and LogsSplunkLive! Paris 2018: Integrating Metrics and Logs
SplunkLive! Paris 2018: Integrating Metrics and LogsSplunk
 
Financial Services Forum_New York, May 17, 2017
Financial Services Forum_New York, May 17, 2017Financial Services Forum_New York, May 17, 2017
Financial Services Forum_New York, May 17, 2017Splunk
 
SplunkLive! London 2017 - Build a Security Portfolio That Strengthens Your Se...
SplunkLive! London 2017 - Build a Security Portfolio That Strengthens Your Se...SplunkLive! London 2017 - Build a Security Portfolio That Strengthens Your Se...
SplunkLive! London 2017 - Build a Security Portfolio That Strengthens Your Se...Splunk
 
SplunkLive! Paris 2018: Splunk Overview
SplunkLive! Paris 2018: Splunk OverviewSplunkLive! Paris 2018: Splunk Overview
SplunkLive! Paris 2018: Splunk OverviewSplunk
 
Splunk Discovery: Milan 2018 - Splunk Overview
Splunk Discovery: Milan 2018 - Splunk OverviewSplunk Discovery: Milan 2018 - Splunk Overview
Splunk Discovery: Milan 2018 - Splunk OverviewSplunk
 
SplunkLive! Paris 2018: Plenary Session
SplunkLive! Paris 2018: Plenary SessionSplunkLive! Paris 2018: Plenary Session
SplunkLive! Paris 2018: Plenary SessionSplunk
 
Danfoss - Splunk for Vulnerability Management
Danfoss - Splunk for Vulnerability ManagementDanfoss - Splunk for Vulnerability Management
Danfoss - Splunk for Vulnerability ManagementSplunk
 
Drive More Value from your SOC Through Connecting Security to the Business
Drive More Value from your SOC Through Connecting Security to the BusinessDrive More Value from your SOC Through Connecting Security to the Business
Drive More Value from your SOC Through Connecting Security to the BusinessSplunk
 
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with SplunkSplunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with SplunkSplunk
 

Mais procurados (20)

How a Leading Saudi Bank Matured Security to Better Partner the Business
How a Leading Saudi Bank Matured Security to Better Partner the BusinessHow a Leading Saudi Bank Matured Security to Better Partner the Business
How a Leading Saudi Bank Matured Security to Better Partner the Business
 
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018
The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018
 
Splunk Discovery: Milan 2018 - Delivering New Visibility and Analytics for IT...
Splunk Discovery: Milan 2018 - Delivering New Visibility and Analytics for IT...Splunk Discovery: Milan 2018 - Delivering New Visibility and Analytics for IT...
Splunk Discovery: Milan 2018 - Delivering New Visibility and Analytics for IT...
 
SplunkLive! Stockholm 2019 - Customer presentation: Norlys
SplunkLive! Stockholm 2019 - Customer presentation: Norlys SplunkLive! Stockholm 2019 - Customer presentation: Norlys
SplunkLive! Stockholm 2019 - Customer presentation: Norlys
 
SplunkLive! Stockholm 2018 - Customer presentation: Telia
SplunkLive! Stockholm 2018 - Customer presentation: Telia SplunkLive! Stockholm 2018 - Customer presentation: Telia
SplunkLive! Stockholm 2018 - Customer presentation: Telia
 
Introduction into Security Analytics Methods
Introduction into Security Analytics Methods Introduction into Security Analytics Methods
Introduction into Security Analytics Methods
 
SplunkLive! Stockholm 2019 - Customer presentation: ISS
SplunkLive! Stockholm 2019 - Customer presentation: ISS SplunkLive! Stockholm 2019 - Customer presentation: ISS
SplunkLive! Stockholm 2019 - Customer presentation: ISS
 
SplunkLive! London 2017 - Splunk Overview
SplunkLive! London 2017 - Splunk OverviewSplunkLive! London 2017 - Splunk Overview
SplunkLive! London 2017 - Splunk Overview
 
Clear the Mist from your Clouds with Splunk
Clear the Mist from your Clouds with SplunkClear the Mist from your Clouds with Splunk
Clear the Mist from your Clouds with Splunk
 
Splunk Discovery: Milan 2018 - Intro to Security Analytics Methods
Splunk Discovery: Milan 2018 - Intro to Security Analytics MethodsSplunk Discovery: Milan 2018 - Intro to Security Analytics Methods
Splunk Discovery: Milan 2018 - Intro to Security Analytics Methods
 
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...
SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...
 
SplunkLive! Paris 2018: Integrating Metrics and Logs
SplunkLive! Paris 2018: Integrating Metrics and LogsSplunkLive! Paris 2018: Integrating Metrics and Logs
SplunkLive! Paris 2018: Integrating Metrics and Logs
 
Financial Services Forum_New York, May 17, 2017
Financial Services Forum_New York, May 17, 2017Financial Services Forum_New York, May 17, 2017
Financial Services Forum_New York, May 17, 2017
 
SplunkLive! London 2017 - Build a Security Portfolio That Strengthens Your Se...
SplunkLive! London 2017 - Build a Security Portfolio That Strengthens Your Se...SplunkLive! London 2017 - Build a Security Portfolio That Strengthens Your Se...
SplunkLive! London 2017 - Build a Security Portfolio That Strengthens Your Se...
 
SplunkLive! Paris 2018: Splunk Overview
SplunkLive! Paris 2018: Splunk OverviewSplunkLive! Paris 2018: Splunk Overview
SplunkLive! Paris 2018: Splunk Overview
 
Splunk Discovery: Milan 2018 - Splunk Overview
Splunk Discovery: Milan 2018 - Splunk OverviewSplunk Discovery: Milan 2018 - Splunk Overview
Splunk Discovery: Milan 2018 - Splunk Overview
 
SplunkLive! Paris 2018: Plenary Session
SplunkLive! Paris 2018: Plenary SessionSplunkLive! Paris 2018: Plenary Session
SplunkLive! Paris 2018: Plenary Session
 
Danfoss - Splunk for Vulnerability Management
Danfoss - Splunk for Vulnerability ManagementDanfoss - Splunk for Vulnerability Management
Danfoss - Splunk for Vulnerability Management
 
Drive More Value from your SOC Through Connecting Security to the Business
Drive More Value from your SOC Through Connecting Security to the BusinessDrive More Value from your SOC Through Connecting Security to the Business
Drive More Value from your SOC Through Connecting Security to the Business
 
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with SplunkSplunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk
Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk
 

Semelhante a Partner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOAR

SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...
SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...
SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...Splunk
 
Splunk live nyc_2017_sec_buildinganalyticsdrivensoc
Splunk live nyc_2017_sec_buildinganalyticsdrivensocSplunk live nyc_2017_sec_buildinganalyticsdrivensoc
Splunk live nyc_2017_sec_buildinganalyticsdrivensocRene Aguero
 
Splunk Discovery Dusseldorf: September 2017 - Security Session
Splunk Discovery Dusseldorf: September 2017 - Security SessionSplunk Discovery Dusseldorf: September 2017 - Security Session
Splunk Discovery Dusseldorf: September 2017 - Security SessionSplunk
 
Security crawl walk run presentation mckay v1 2017
Security crawl walk run presentation mckay v1 2017Security crawl walk run presentation mckay v1 2017
Security crawl walk run presentation mckay v1 2017Adam Tice
 
Splunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior AnalyticsSplunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior AnalyticsSplunk
 
Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior Analytics Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior AnalyticsSplunk
 
Splunk for Enterprise Security Featuring UBA
Splunk for Enterprise Security Featuring UBASplunk for Enterprise Security Featuring UBA
Splunk for Enterprise Security Featuring UBASplunk
 
Learn how to use an Analytics-Driven SIEM for your Security Operations
Learn how to use an Analytics-Driven SIEM for your Security OperationsLearn how to use an Analytics-Driven SIEM for your Security Operations
Learn how to use an Analytics-Driven SIEM for your Security OperationsSplunk
 
Using Machine Learning and Analytics to Hunt for Security Threats - Webinar
Using Machine Learning and Analytics to Hunt for Security Threats - WebinarUsing Machine Learning and Analytics to Hunt for Security Threats - Webinar
Using Machine Learning and Analytics to Hunt for Security Threats - WebinarSplunk
 
Splunk Discovery Day Dubai 2017 - Security Keynote
Splunk Discovery Day Dubai 2017 - Security KeynoteSplunk Discovery Day Dubai 2017 - Security Keynote
Splunk Discovery Day Dubai 2017 - Security KeynoteSplunk
 
Splunk for AIOps: Reduce IT outages through prediction with machine learning
Splunk for AIOps: Reduce IT outages through prediction with machine learningSplunk for AIOps: Reduce IT outages through prediction with machine learning
Splunk for AIOps: Reduce IT outages through prediction with machine learningDigital Transformation EXPO Event Series
 
Splunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior Analytics Splunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior Analytics Splunk
 
SplunkLive! Zurich 2018: Use Splunk for Incident Response, Orchestration and ...
SplunkLive! Zurich 2018: Use Splunk for Incident Response, Orchestration and ...SplunkLive! Zurich 2018: Use Splunk for Incident Response, Orchestration and ...
SplunkLive! Zurich 2018: Use Splunk for Incident Response, Orchestration and ...Splunk
 
Splunk for Enterprise Security Featuring User Behavior Analytics
Splunk for Enterprise Security Featuring User Behavior Analytics Splunk for Enterprise Security Featuring User Behavior Analytics
Splunk for Enterprise Security Featuring User Behavior Analytics Splunk
 
Splunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout SessionSplunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout SessionSplunk
 
Webinar: Neues zur Splunk App for Enterprise Security
Webinar: Neues zur Splunk App for Enterprise SecurityWebinar: Neues zur Splunk App for Enterprise Security
Webinar: Neues zur Splunk App for Enterprise SecurityGeorg Knon
 
Splunk Discovery Köln - 17-01-2020 - Accelerate Incident Response
Splunk Discovery Köln - 17-01-2020 - Accelerate Incident ResponseSplunk Discovery Köln - 17-01-2020 - Accelerate Incident Response
Splunk Discovery Köln - 17-01-2020 - Accelerate Incident ResponseSplunk
 
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...Splunk
 
SplunkLive! London 2017 - Happy Apps, Happy Users
SplunkLive! London 2017 - Happy Apps, Happy UsersSplunkLive! London 2017 - Happy Apps, Happy Users
SplunkLive! London 2017 - Happy Apps, Happy UsersSplunk
 

Semelhante a Partner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOAR (20)

SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...
SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...
SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...
 
Splunk live nyc_2017_sec_buildinganalyticsdrivensoc
Splunk live nyc_2017_sec_buildinganalyticsdrivensocSplunk live nyc_2017_sec_buildinganalyticsdrivensoc
Splunk live nyc_2017_sec_buildinganalyticsdrivensoc
 
Splunk Discovery Dusseldorf: September 2017 - Security Session
Splunk Discovery Dusseldorf: September 2017 - Security SessionSplunk Discovery Dusseldorf: September 2017 - Security Session
Splunk Discovery Dusseldorf: September 2017 - Security Session
 
Security crawl walk run presentation mckay v1 2017
Security crawl walk run presentation mckay v1 2017Security crawl walk run presentation mckay v1 2017
Security crawl walk run presentation mckay v1 2017
 
Splunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior AnalyticsSplunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior Analytics
 
Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior Analytics Splunk for Enterprise Security and User Behavior Analytics
Splunk for Enterprise Security and User Behavior Analytics
 
Splunk for Enterprise Security Featuring UBA
Splunk for Enterprise Security Featuring UBASplunk for Enterprise Security Featuring UBA
Splunk for Enterprise Security Featuring UBA
 
Learn how to use an Analytics-Driven SIEM for your Security Operations
Learn how to use an Analytics-Driven SIEM for your Security OperationsLearn how to use an Analytics-Driven SIEM for your Security Operations
Learn how to use an Analytics-Driven SIEM for your Security Operations
 
Using Machine Learning and Analytics to Hunt for Security Threats - Webinar
Using Machine Learning and Analytics to Hunt for Security Threats - WebinarUsing Machine Learning and Analytics to Hunt for Security Threats - Webinar
Using Machine Learning and Analytics to Hunt for Security Threats - Webinar
 
Splunk Discovery Day Dubai 2017 - Security Keynote
Splunk Discovery Day Dubai 2017 - Security KeynoteSplunk Discovery Day Dubai 2017 - Security Keynote
Splunk Discovery Day Dubai 2017 - Security Keynote
 
Splunk for AIOps: Reduce IT outages through prediction with machine learning
Splunk for AIOps: Reduce IT outages through prediction with machine learningSplunk for AIOps: Reduce IT outages through prediction with machine learning
Splunk for AIOps: Reduce IT outages through prediction with machine learning
 
Splunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior Analytics Splunk for Enterprise Security featuring User Behavior Analytics
Splunk for Enterprise Security featuring User Behavior Analytics
 
Splunk-Presentation
Splunk-Presentation Splunk-Presentation
Splunk-Presentation
 
SplunkLive! Zurich 2018: Use Splunk for Incident Response, Orchestration and ...
SplunkLive! Zurich 2018: Use Splunk for Incident Response, Orchestration and ...SplunkLive! Zurich 2018: Use Splunk for Incident Response, Orchestration and ...
SplunkLive! Zurich 2018: Use Splunk for Incident Response, Orchestration and ...
 
Splunk for Enterprise Security Featuring User Behavior Analytics
Splunk for Enterprise Security Featuring User Behavior Analytics Splunk for Enterprise Security Featuring User Behavior Analytics
Splunk for Enterprise Security Featuring User Behavior Analytics
 
Splunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout SessionSplunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout Session
 
Webinar: Neues zur Splunk App for Enterprise Security
Webinar: Neues zur Splunk App for Enterprise SecurityWebinar: Neues zur Splunk App for Enterprise Security
Webinar: Neues zur Splunk App for Enterprise Security
 
Splunk Discovery Köln - 17-01-2020 - Accelerate Incident Response
Splunk Discovery Köln - 17-01-2020 - Accelerate Incident ResponseSplunk Discovery Köln - 17-01-2020 - Accelerate Incident Response
Splunk Discovery Köln - 17-01-2020 - Accelerate Incident Response
 
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
Splunk Discovery: Warsaw 2018 - Solve Your Security Challenges with Splunk En...
 
SplunkLive! London 2017 - Happy Apps, Happy Users
SplunkLive! London 2017 - Happy Apps, Happy UsersSplunkLive! London 2017 - Happy Apps, Happy Users
SplunkLive! London 2017 - Happy Apps, Happy Users
 

Mais de Splunk

.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routineSplunk
 
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTVSplunk
 
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica).conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica)Splunk
 
.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank InternationalSplunk
 
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett .conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett Splunk
 
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär).conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)Splunk
 
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu....conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...Splunk
 
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever....conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...Splunk
 
.conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex).conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex)Splunk
 
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)Splunk
 
Splunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk
 
Splunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go KölnSplunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go KölnSplunk
 
Splunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk
 
Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College London Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College LondonSplunk
 
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk
 
SOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security WebinarSOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security WebinarSplunk
 
.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session.conf Go 2022 - Observability Session
.conf Go 2022 - Observability SessionSplunk
 
.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - Keynote.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - KeynoteSplunk
 
.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform Session.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform SessionSplunk
 
.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security SessionSplunk
 

Mais de Splunk (20)

.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine
 
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
 
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica).conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
 
.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International
 
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett .conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
 
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär).conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
 
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu....conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
 
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever....conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
 
.conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex).conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex)
 
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
 
Splunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11y
 
Splunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go KölnSplunk x Freenet - .conf Go Köln
Splunk x Freenet - .conf Go Köln
 
Splunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go KölnSplunk Security Session - .conf Go Köln
Splunk Security Session - .conf Go Köln
 
Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College London Data foundations building success, at city scale – Imperial College London
Data foundations building success, at city scale – Imperial College London
 
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
Splunk: How Vodafone established Operational Analytics in a Hybrid Environmen...
 
SOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security WebinarSOC, Amore Mio! | Security Webinar
SOC, Amore Mio! | Security Webinar
 
.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session.conf Go 2022 - Observability Session
.conf Go 2022 - Observability Session
 
.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - Keynote.conf Go Zurich 2022 - Keynote
.conf Go Zurich 2022 - Keynote
 
.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform Session.conf Go Zurich 2022 - Platform Session
.conf Go Zurich 2022 - Platform Session
 
.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session.conf Go Zurich 2022 - Security Session
.conf Go Zurich 2022 - Security Session
 

Último

HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 

Último (20)

HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 

Partner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOAR

  • 1. © 2017 SPLUNK INC. Analytics-Driven Security und Security Orchestration Automation And Response Angelo Brancato CISSP, CISM, CCSK | Security Specialist, EMEA NOVEMBER 21ST, FRANKFURT AM MAIN
  • 2. © 2017 SPLUNK INC. During the course of this presentation, we may make forward-looking statements regarding future events or the expected performance of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward-looking statements, please review our filings with the SEC. The forward-looking statements made in this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, this presentation may not contain current or accurate information. We do not assume any obligation to update any forward looking statements we may make. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionality described or to include any such feature or functionality in a future release. Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2017 Splunk Inc. All rights reserved. Forward-Looking Statements
  • 3. © 2017 SPLUNK INC. Splunk turns machine data into answers Network Servers DevOps Users Cloud Security Databases O F T H E Same Data D I F F E R E N T People A S K I N G D I F F E R E N T Questions
  • 4. © 2017 SPLUNK INC. Splunk was built for change from the beginning Send unstructured data from all systems, devices and people Splunk doesn’t structure your data until you start to ask it questions Suite of tools empower you to investigate, monitor and act on any data, anywhere Ideal to detect everchanging cyber attacks
  • 5. THREATS ARE MORE COMPLEX AND FAR REACHING NOT CLOSING THE SKILLS GAP SECURITY TO ENABLE BUSINESS AND THE MISSION
  • 6. T I E R 1 A N A LY S T W O R K W I L L B E A U T O M AT E D T I M E N O W S P E N T T U N I N G D E T E C T I O N A N D R E S P O N S E L O G I C P L AT F O R M T O O R C H E S T R AT E T H E M A L L 90% 50% 1
  • 7. © 2018 SPLUNK INC. Splunk Security Portfolio DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data
  • 8. © 2018 SPLUNK INC. Splunk Security Portfolio DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data Search and Investigate Proactive Monitoring and Alerting Security Situational Awareness Real-time Risk Insight & Automation Reactive Proactive Level 1 Level 2 Level 3 Level 4
  • 9. © 2017 SPLUNK INC. Search and Investigate Proactive Monitoring and Alerting Security Situational Awareness Real-time Risk Insight & Automation Reactive Proactive Level 1 Level 2 Level 3 Level 4 DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data + Free Apps 125+ Examples, with 180+ Searches Data Onboarding Guides Content Mapping (MITRE ATT&CK, Killchain etc.) Mapping to Premium Apps On-Prem, Cloud, SaaS or Hybrid Performance at Scale Open Ecosystem Native ML/AI Integration
  • 10. © 2017 SPLUNK INC. Search and Investigate Proactive Monitoring and Alerting Security Situational Awareness Real-time Risk Insight & Automation Reactive Proactive Level 1 Level 2 Level 3 Level 4 DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data + Free Apps ... Many great, free Apps to solve a specific Problem
  • 11. © 2017 SPLUNK INC. Search and Investigate Proactive Monitoring and Alerting Security Situational Awareness Real-time Risk Insight & Automation Reactive Proactive Level 1 Level 2 Level 3 Level 4 DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data ASSET AND IDENTITY CORRELATION NOTABLE EVENT & INVESTIGATION THREAT INTELLIGENCE RISK ANALYSIS ADAPTIVE RESPONSE CONTENT UPDATE +
  • 12. © 2017 SPLUNK INC. Search and Investigate Proactive Monitoring and Alerting Security Situational Awareness Real-time Risk Insight & Automation Reactive Proactive Level 1 Level 2 Level 3 Level 4 DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data + MATHMATICAL STATISTICAL CALCULATION ANOMALIES / PREDICTION ANALYTICS DRIVEN SECURITY Correlations and notable events EVENT & INFORMATION CORRELATION RISK
  • 13. © 2017 SPLUNK INC. Event Sequencing to optimize threat detection and accelerate investigation Use Case Library for faster detection and incident response Updated Investigation Workbench to reduce time to contain and remediate .Conf2018 Release Splunk Enterprise Security 5.2
  • 14. © 2017 SPLUNK INC. Search and Investigate Proactive Monitoring and Alerting Security Situational Awareness Real-time Risk Insight & Automation Reactive Proactive Level 1 Level 2 Level 3 Level 4 DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data + + Realm of Known Realm of Unknown
  • 15. © 2017 SPLUNK INC. Splunk-to-Kafka UBA ingestion for enhanced performance and reliability User Feedback Learning to improve threat detection and anomaly customization Native UBA SSO authentication support for IAM tools .Conf2018 Release Splunk User Behavior Analytics 4.2
  • 16. © 2017 SPLUNK INC. Search and Investigate Proactive Monitoring and Alerting Security Situational Awareness Real-time Risk Insight & Automation Reactive Proactive Level 1 Level 2 Level 3 Level 4 DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data + +
  • 17. © 2017 SPLUNK INC. Search and Investigate Proactive Monitoring and Alerting Security Situational Awareness Real-time Risk Insight & Automation Reactive Proactive Level 1 Level 2 Level 3 Level 4 DATA PLATFORM ANALYTICS OPERATIONS Platform for Machine Data + + Optional Optional
  • 18. Decision Making Acting SIEM THREAT INTEL PLATFORM HADOOP GRC AUTOMATED MANUAL (TODAY) FIREWALL IDS / IPS ENDPOINT WAF ADVANCED MALWARE FORENSICS MALWARE DETONATION FIREWALL IDS / IPS ENDPOINT WAF ADVANCED MALWARE FORENSICS MALWARE DETONATION TIER 1 TIER 2 TIER 3 Observe Point Products Orient Analytics SOAR for Security Operations Faster execution through the loop yields better security
  • 19. Decision Making Acting SIEM THREAT INTEL PLATFORM HADOOP GRC AUTOMATED AUTOMATED WITH PHANTOM FIREWALL IDS / IPS ENDPOINT WAF ADVANCED MALWARE FORENSICS MALWARE DETONATION FIREWALL IDS / IPS ENDPOINT WAF ADVANCED MALWARE FORENSICS MALWARE DETONATION TIER 1 TIER 2 TIER 3 Observe Point Products Orient Analytics SOAR for Security Operations Faster execution through the loop yields better security ACTION RESULTS / FEEDBACK LOOP
  • 20. © 2017 SPLUNK INC. SplunkSANDBOX QUERY RECIPIENTS USER PROFILE HUNT FILE HUNT FILE FILE REPUTATION FILE ASSESSMENT RUN PLAYBOOK “REMEDIATE" EMAIL ALERT Automated Malware Investigation “Automation with Phantom enables us to process malware email alerts in about 40 seconds vs. 30 minutes or more.” Adam Fletcher CISO, Blackstone A Phantom Case Study
  • 21. © 2017 SPLUNK INC. Clustering support for scale, performance and redundancy Indicator View for improved threat analysis and hunting Integrated Splunk Search, the only SOAR platform with this capability ANNOUNCING Splunk Phantom 4.1
  • 22. © 2017 SPLUNK INC. Cloud Security Endpoints Orchestration WAF & App Security Threat Intelligence Network Web Proxy Firewall Identity and Access The thought process The intuition The reflexes Machine Learning & Adaptive Operations & Analytics Driven Security & Splunk as the Security Nerve Center
  • 23. © 2017 SPLUNK INC. Cloud Security Endpoints Orchestration WAF & App Security Threat Intelligence Network Web Proxy Firewall Identity and Access The thought process The intuition The reflexes Machine Learning & Adaptive Operations & Analytics Driven Security & Splunk as the Security Nerve Center T I E R 1 A N A LY S T W O R K W I L L B E A U T O M AT E D T I M E N O W S P E N T T U N I N G D E T E C T I O N A N D R E S P O N S E L O G I C P L AT F O R M T O O R C H E S T R AT E T H E M A L L 90% 50% 1
  • 24. © 2017 SPLUNK INC. SPLUNK User Behavior Analytics 4.2 SPLUNK Enterprise Security 5.2 SPLUNK Phantom 4.1 Event Sequencing Accelerate Investigation User Feedback Targeted Hunting Indicator View Faster Remediation Use Case Library Container-Based Architecture Clustering Support User Management UI SECURITY PREMIUM APPS – Conf18 Releases
  • 25. © 2017 SPLUNK INC. THANK YOU!