Sign up to save your podcasts
Or
Share Step Up Your Defenses with End-To-End Detection, Investigation, and Response [Splunk Enterprise Security, Splunk User Behavior Analytics, Phantom]
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
![Splunk [AI/ML, Splunk Machine Learning Toolkit] 2019 .conf Videos w/ Slides](https://podcast-api-images.s3.amazonaws.com/corona/show/930233/logo_300x300.png){kind=logo}
Step Up Your Defenses with End-To-End Detection, Investigation, and Response [Splunk Enterprise Security, Splunk User Behavior Analytics, Phantom]
Maturing and scaling your security operations rests on your ability to process and analyze huge volumes of often unrelated data in real time. But today's tools notoriously overwhelm SOC analysts with the sheer number of alerts and high percent of false positives, resulting in confusion about what tools to use for investigation and response. In this session, members of Splunk's Security Research Team will discuss the next generation of Enterprise Security Content Updates that they developed, which integrate the entire Splunk for Security product suite to create a robust end-to-end defense—detection, investigation, and response. We will go over how to use these security guides, which will leverage Splunk Enterprise Security, Splunk Phantom, and Splunk User Behavior Analytics. We'll also highlight the Run Story feature we built to operationalize ESCU Analytics stories and share tools and techniques customers can use to write and test their own use cases.
Speaker(s)
Bhavin Patel, Security Software Engineer, Splunk
Jose Hernandez, Security Researcher, Splunk
Bhavin Patel, Security Software Engineer, Splunk
Jose Hernandez, Security Researcher, Splunk
Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1775.pdf?podcast=1576909588
View all episodes
By SplunkMaturing and scaling your security operations rests on your ability to process and analyze huge volumes of often unrelated data in real time. But today's tools notoriously overwhelm SOC analysts with the sheer number of alerts and high percent of false positives, resulting in confusion about what tools to use for investigation and response. In this session, members of Splunk's Security Research Team will discuss the next generation of Enterprise Security Content Updates that they developed, which integrate the entire Splunk for Security product suite to create a robust end-to-end defense—detection, investigation, and response. We will go over how to use these security guides, which will leverage Splunk Enterprise Security, Splunk Phantom, and Splunk User Behavior Analytics. We'll also highlight the Run Story feature we built to operationalize ESCU Analytics stories and share tools and techniques customers can use to write and test their own use cases.
Speaker(s)
Bhavin Patel, Security Software Engineer, Splunk
Jose Hernandez, Security Researcher, Splunk
Bhavin Patel, Security Software Engineer, Splunk
Jose Hernandez, Security Researcher, Splunk
Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1775.pdf?podcast=1576909588