Sign up to save your podcasts
Or
Share ATT&CK™ Yourself Before Someone Else Does [Splunk Enterprise, Splunk Enterprise Security, Phantom]
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
![Splunk [Phantom] 2019 .conf Videos w/ Slides](https://podcast-api-images.s3.amazonaws.com/corona/show/927195/logo_300x300.png){kind=logo}
ATT&CK™ Yourself Before Someone Else Does [Splunk Enterprise, Splunk Enterprise Security, Phantom]
Do you love the idea of the MITRE ATT&CK™ framework, but you’re not sure how to use it in your Splunk-centric security program? This talk will teach you practical ways to use the framework in your own organization and the Splunk security tools that will help you do so. We'll start the talk by identifying an adversary and some of their known techniques, and then we'll show how to choose an appropriate set of detections and how to test whether those detections are working as expected. You'll leave the talk better able to take advantage of threat intelligence, cover the right set of ATT&CK™ tactics and adversary groups, and eliminate organizational blind spots.
Speaker(s)
BOTSFATHER Kovar, Principal Security Strategist, Splunk
John Stoner, Principal Security Strategist, Splunk
Dave Herrald, Principal Security Strategist, Splunk
BOTSFATHER Kovar, Principal Security Strategist, Splunk
John Stoner, Principal Security Strategist, Splunk
Dave Herrald, Principal Security Strategist, Splunk
Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1927.pdf?podcast=1576909570
View all episodes
By SplunkDo you love the idea of the MITRE ATT&CK™ framework, but you’re not sure how to use it in your Splunk-centric security program? This talk will teach you practical ways to use the framework in your own organization and the Splunk security tools that will help you do so. We'll start the talk by identifying an adversary and some of their known techniques, and then we'll show how to choose an appropriate set of detections and how to test whether those detections are working as expected. You'll leave the talk better able to take advantage of threat intelligence, cover the right set of ATT&CK™ tactics and adversary groups, and eliminate organizational blind spots.
Speaker(s)
BOTSFATHER Kovar, Principal Security Strategist, Splunk
John Stoner, Principal Security Strategist, Splunk
Dave Herrald, Principal Security Strategist, Splunk
BOTSFATHER Kovar, Principal Security Strategist, Splunk
John Stoner, Principal Security Strategist, Splunk
Dave Herrald, Principal Security Strategist, Splunk
Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1927.pdf?podcast=1576909570