Join us at .Conf19 for talks by:
Michael Haag, Director of Advanced Threat Detection
Finding Evil is Never an Accident: How to Hunt in BOTS
Tuesday, October 22, 4:15 PM
To secure the modern endpoint, you need sufficient data, the right visibility and analysis, and the technology to stop an intrusion. This session will leverage BOTSv4 data to help you test and validate Splunk use cases related to hunting threats using endpoint data. We will cover several real-world case studies as described in MITRE ATT&CK™, simulating adversary groups by using Atomic Red Team tests.
Keshia LeVan, Detection Engineer
Measure What Matters to Streamline Security Operations with Splunk
Wednesday, October 23, 2:00 PM
How do you tame an event queue that’s ballooning out of control? You first need to know which rules and data sources are generating a high volume of alerts, then you can evaluate the security value you’re getting from them. This session will discuss how Splunk empowers us to perform advanced analytics on everything from alert conversion rates to human time expenditure so we can optimize all processes related to alerting.