Malware infection, lateral movement, data exfiltration, oh my! If you’ve spent any time around the wizarding world of security, you know how much effort goes into preventing dark magic from happening. What if you could use machine learning to stay one step ahead of the adversary? Fasten your seatbelts, because in this talk we will show you how Splunk can utilize machine learning models to take your security detections to the next level. We’ll demonstrate how Splunk's Machine Learning Toolkit can be used to train, validate, and then deploy models to identify anomalies and discover clusters of bad behavior via user-friendly guided workflows—all this while training your models with more data then you’ve ever been able to before. Prepare to leave Las Vegas equipped to incorporate machine learning in your organization’s security detections and jump from reactive to proactive. Mischief managed!

Speaker(s)
Melisa Napoles, Sales Engineer, Splunk
Erika Strano, Sales Engineer, Splunk

Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC2129.pdf?podcast=1577146257

When is a 20MB email to an external Gmail account dangerous? It all depends on context. Understanding what normal behavior is will reveal whether specific behavior is malicious or ordinary. We’ll walk you through how using Splunk’s Machine Learning Toolkit and Splunk Enterprise Security together provides actionable insight for analysts to improve security. We'll also detail how we caught insider threats in our environment with these tools.

Speaker(s)
Karthik Subramanian, Principal Senior Cybersecurity Engineer, SAIC
Tyler Williams, Cybersecurity Data Analyst, SAIC

Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1305.pdf?podcast=1577146257

Wouldn’t it be a great if we had Splunk’s version of Moneyball; an application where everyone comes out ahead by leveraging data to drive effective Splunk enablement and adoption? Splunk’s internal logs have a wealth of information about how Splunk is being used within your organization. Let’s take drinking the “Splunk Champagne” to the next level by applying statistics and machine learning to Splunk’s internal logs! This session will cover segmenting users based on their search profiles - number of searches run, average response times, and recency of searches executed, among other criteria. We’ll use techniques such as clustering to classify users from novice to experts, and use TF-IDF and text analytics techniques to understand commands used in search strings. Enriching this data with completed and planned Splunk Education courses, lunch & learn sessions, and other training activities will enable your users to achieve the Splunk Ninja status they’re looking for!

Speaker(s)
Anand Ladda, Staff Solutions Engineer, Splunk

Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1373.pdf?podcast=1577146257

Is confidence in your ability to disassociate real alerts from noise at an all-time low? Are alerts becoming ineffective because they’re excessive? Many organizations across many industries wrestle with these questions daily. Even so, the prevalence of alert noise persists. Join us to understand how T-Mobile is using Splunk Enterprise with the Splunk Machine Learning Toolkit to identify and narrow the point of origin of service-impacting events across our suite of enterprise applications. Using the DensityFunction algorithm to highlight anomalous behavior, we’re able to focus an investigation on a small subset of the applications which in turn leads to faster resolution of the issues we’re confronted with. 

Speaker(s)
Iman Makaremi, Principal Product Manager – Machine Learning and AI, Splunk
Scott Garcia, MTS - Member Technical Staff, T-Mobile

Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1366.pdf?podcast=1577146257

20+ million subscribers, 290PB network traffic daily, and tens of millions of IoT, IPTV and ICT devices—a bigger network means more attacks from all over the world. Learn how SK Broadband, the biggest telco/ISP provider in South Korea, leverages Splunk Enterprise Security (ES) to protect their subscribers from countless DDoS and malware attacks. We will cover detailed use cases for analyzing a high volume of data—500 million security events over 7 billion logs per day—as well as how we met a high bar of operational efficiency by customizing our ES deployment.

Speaker(s)
Daesoo Choi, Senior Sales Engineer, Splunk
Kyoung Geun Lee, SoC Senior Manager, SK Broadband

Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC2274.pdf?podcast=1577146257

It’s a bird, it’s a plane. Yes, it’s a plane! Let’s go for a flight into the skies of aviation data and the concepts and tools that make aviation data analytics easy. I’ve been capturing this open data for nearly two years, and I’ve been able to unravel some insights based on four projects. Two projects focus on processing Canadian/U.S. safety reports, while the other two are processing data captured and logged from a radio receiver made from a Raspberry Pi. Data Science is offering very exciting careers and providing an important competitive differentiator, which is why we’ll be reviewing several statistical processing techniques made possible by the power of the Machine Learning Toolkit. We also will cover exploratory data analysis tools built into the Search Processing Language. Before we approach for landing, we’ll show everything under the hood so that everybody can understand the things that make it fly. This is both a technical deep dive as-well-as a practical usage walkthrough.

Speaker(s)
Cory Syvenky, Sr. Cloud Analyst, WestJet

Slides PDF link - https://conf.splunk.com/files/2019/slides/FN2103.pdf?podcast=1577146257

This presentation will walk users through how to use the machine learning toolkit to accurately forecast disk usage across their entire environment, giving them the exact day, month, and year when a server will run out of disk space. No more being awakened at 3:00 am for a bridge call due to a drive running out of disk. This process also can be used by capacity planning teams to select a future date and get a clear view of capacity across the business for all servers. Using machine learning to remove tech debt in an organization does not require a data scientist. You can do it if you have the right server metrics and the MLTK installed.

Speaker(s)
Steve Koelpin, Splunk Advisor, TransUnion

Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1137.pdf?podcast=1577146257

Wouldn’t it be great if you can just be proactively told when your Splunk deployment needs your attention? Wouldn’t it be simply awesome to go to one place and know exactly what the problem is and how to resolve it? At Splunk we understand that every organization suffers the pain of throwing resources to keep the lights on for their infrastructure environment. Fortunately the new version of Splunk Monitoring helps you know when things are not performing as expected. You can now see health of deployment wide without affecting your search or indexing latency and go through guided set of checks curated from years of support experience to solve issues first hand. 

Speaker(s)
Amrit Bath, Sr Manager, Engineering, Splunk
Shruti Anand, Product Manager, Splunk

Slides PDF link - https://conf.splunk.com/files/2019/slides/FN2087.pdf?podcast=1577146257

Are your analysts spending too much time clearing through notable events? Ours were too, but today our analysts are living the dream: they have all the details they want right there on the Incident Review screen, all while our alerts fine-tune themselves (with workflow action human input). Come and see how we achieved Incident Review Screen 2.0. by using Splunk's Machine Learning Toolkit to transition to smarter correlation searches.

Speaker(s)
Lukasz Antoniak, Cyber Detection Crafting Chief, Viasat
Ryan Rake, Viasat

Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1673.pdf?podcast=1577146257

In this session we will show you how Splunk customers around the world are using Splunk in creative ways to solve a range of challenges, from Trading Strategies to Market Abuse, and from Customer On-boarding to Customer Churn. There are no limits to what Splunk can be used for, and this session will help you get new ideas for how to deploy Splunk in your business.

Speaker(s)
Duncan Ash, AVP Global Financial Services, Splunk
Haider Al-Seaidy, Financial Services Industry Specialist, Splunk

Slides PDF link - https://conf.splunk.com/files/2019/slides/BA1321.pdf?podcast=1577146256