To tame an event queue that's ballooning out of control, you need to know first which rules and data sources are generating a disproportionate number of alerts, and second the security value you're getting from those rules and data sources. Any change to those rules, or to the telemetry they analyze, made without that knowledge risks leaving your organization more vulnerable. In this session we'll discuss how Splunk empowers us to perform advanced analytics on everything from alert conversion rates to human time expenditure on alerts, so that we can optimize all processes related to alerting. As long as we know what to measure and where to look, Splunk can help us tune our security operations centers to reduce monotony and false positives without diminishing our ability to detect actual threats.
Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC2105.pdf?podcast=1577146225
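As an added illustration (not code from the session or its slides), the two measurements the abstract calls for, alert share per rule or data source and the conversion rate and analyst time behind it, computed from triage records; the alert records, field layout and tuning thresholds are constructed for this example.

```python
from collections import defaultdict

# Constructed sample of triaged alerts (not real SOC data). Each tuple is one
# alert: (rule that fired, data source it read, analyst disposition, analyst minutes).
ALERTS = [
    ("Brute Force Login", "windows:security", "true_positive", 20),
    ("Brute Force Login", "windows:security", "true_positive", 30),
    ("Brute Force Login", "windows:security", "false_positive", 10),
    ("Outbound to Known Bad IP", "firewall", "true_positive", 45),
] + [("Rare Process Name", "sysmon", "false_positive", 5)] * 6

FIELDS = {"rule": 0, "source": 1}


def metrics_by(alerts, key):
    """Volume, conversion rate and analyst time grouped by 'rule' or 'source'."""
    idx = FIELDS[key]
    agg = defaultdict(lambda: {"alerts": 0, "true_positives": 0, "minutes": 0})
    for alert in alerts:
        m = agg[alert[idx]]
        m["alerts"] += 1
        m["minutes"] += alert[3]
        if alert[2] == "true_positive":
            m["true_positives"] += 1
    result = {}
    for name, m in agg.items():
        tp = m["true_positives"]
        result[name] = {
            "alerts": m["alerts"],
            "conversion_rate": tp / m["alerts"],
            "minutes_per_alert": m["minutes"] / m["alerts"],
            # Analyst cost per confirmed incident; None when the group never converts.
            "minutes_per_true_positive": m["minutes"] / tp if tp else None,
        }
    return result


def tuning_candidates(alerts, key="rule", min_share=0.3, max_conversion=0.05):
    """Groups that take a disproportionate share of the queue yet rarely convert.

    The conversion rate is what tells you whether tightening or suppressing
    a noisy rule would cost real detections (thresholds are illustrative).
    """
    metrics = metrics_by(alerts, key)
    total = len(alerts)
    return sorted(
        name for name, m in metrics.items()
        if m["alerts"] / total >= min_share and m["conversion_rate"] <= max_conversion
    )


if __name__ == "__main__":
    for name, m in sorted(metrics_by(ALERTS, "rule").items()):
        print(f"{name:26} alerts={m['alerts']:2} conversion={m['conversion_rate']:.2f} "
              f"min/alert={m['minutes_per_alert']:.1f}")
    print("tuning candidates:", tuning_candidates(ALERTS))
```

Running the same grouping with `key="source"` shows which data sources feed the noise, which is the second question the abstract says must be answered before telemetry is trimmed.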