Sign up to save your podcasts
Or
Share Beyond Tier 1 Automation: The Hidden Value of Splunk Phantom Automation for Security Operations [Splunk Enterprise, Phantom]
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
![Splunk [Phantom] 2019 .conf Videos w/ Slides](https://podcast-api-images.s3.amazonaws.com/corona/show/927195/logo_300x300.png){kind=logo}
Beyond Tier 1 Automation: The Hidden Value of Splunk Phantom Automation for Security Operations [Splunk Enterprise, Phantom]
You've probably heard examples of Splunk Phantom automating 90% of Tier 1 processes, but did you know that Phantom improves human-lead processes too? Come learn about the hidden value of validation and utility playbooks from Penn State University’s Enterprise Security Manager and Splunk’s Lead Technologist for Higher Education. Validation playbooks are automated tests run to validate a human judgement or request. Utility playbooks are short easy-to-create playbooks in Phantom that an analyst runs during an investigation. We’ll cover when to use validation and utility playbooks, how to get started creating them, and ideas for other playbooks you can use to improve your daily operations.
Speaker(s)
Craig Vincent, Lead Technologist,SLED, Splunk
Chris Decker, Enterprise Security Manager, Penn State University
Craig Vincent, Lead Technologist,SLED, Splunk
Chris Decker, Enterprise Security Manager, Penn State University
Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC2205.pdf?podcast=1576909570
View all episodes
By SplunkYou've probably heard examples of Splunk Phantom automating 90% of Tier 1 processes, but did you know that Phantom improves human-lead processes too? Come learn about the hidden value of validation and utility playbooks from Penn State University’s Enterprise Security Manager and Splunk’s Lead Technologist for Higher Education. Validation playbooks are automated tests run to validate a human judgement or request. Utility playbooks are short easy-to-create playbooks in Phantom that an analyst runs during an investigation. We’ll cover when to use validation and utility playbooks, how to get started creating them, and ideas for other playbooks you can use to improve your daily operations.
Speaker(s)
Craig Vincent, Lead Technologist,SLED, Splunk
Chris Decker, Enterprise Security Manager, Penn State University
Craig Vincent, Lead Technologist,SLED, Splunk
Chris Decker, Enterprise Security Manager, Penn State University
Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC2205.pdf?podcast=1576909570