Use Deception, Automated Response and Threat Emulation to Make Your Defense Proactive [Splunk Enterprise Security, Splunk Machine Learning Toolkit, Phantom, AI/ML]
Deception, automation, and real-time data exploitation help security organizations go on offense vs attackers. In this session we will discuss how to use a variety of deception techniques to gather threat intelligence, how to create an automated response, and how to test response playbooks to validate that responses work as expected.
Vincent Urias, Researcher, Sandia National Laboratories
Will Stout, Researcher, Sandia National Laboratories
Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC2203.pdf?podcast=1577146259