Splunk .conf19

Las Vegas, NV | October 21-24, 2019

Red Canary is honored to have been selected to present two talks at Splunk .conf19. With over 300 education sessions and thousands of information security enthusiasts, there will be ample opportunities to learn new skills.

If you’re attending, be sure to add Red Canary’s talks to your schedule!

Michael Haag, Director of Advanced Threat Detection

Finding Evil is Never an Accident: How to Hunt in BOTS

Tuesday, October 22, 4:15 PM 

To secure the modern endpoint, you need sufficient data, the right visibility and analysis, and the technology to stop an intrusion. This session will leverage BOTSv4 data to help you test and validate Splunk use cases related to hunting threats using endpoint data. We will cover several real-world case studies as described in MITRE ATT&CK™, simulating adversary groups by using Atomic Red Team tests.

Keshia LeVan, Detection Engineer

Measure What Matters to Streamline Security Operations with Splunk 

Wednesday, October 23, 2:00 PM 

How do you tame an event queue that’s ballooning out of control? You first need to know which rules and data sources are generating a high volume of alerts; then you can evaluate the security value you’re getting from them. This session will discuss how Splunk empowers us to perform advanced analytics on everything from alert conversion rates to human time expenditure so we can optimize all processes related to alerting.

Operationalizing Data With the Carbon Black and Splunk Integration (Part 1)
Operationalizing Carbon Black Response with Splunk (Part 2): Advanced Data Analysis
5 Ways Carbon Black Response Data in Splunk Can Improve Your Security
Driving Efficacy Through Detector Tuning: a Deeper Dive Into Detection Engineering
