Use Deception, Automated Response and Threat Emulation to Make Your Defense Proactive [Splunk Enterprise Security, Splunk Machine Learning Toolkit, Phantom, AI/ML]

Update: 2019-12-24

Description

Deception, automation, and real-time data exploitation help security organizations go on offense vs attackers. In this session we will discuss how to use a variety of deception techniques to gather threat intelligence, how to create an automated response, and how to test response playbooks to validate that responses work as expected.

Speaker(s)
Vincent Urias, Researcher, Sandia National Laboratories
Will Stout, Researcher, Sandia National Laboratories

Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC2203.pdf?podcast=1577146239

Product: Splunk Enterprise Security, Splunk Machine Learning Toolkit, Phantom, AI/ML

Track: Security, Compliance and Fraud

Level: Intermediate

Comments

In Channel

What's New in Splunk for Security [Splunk Enterprise Security, Splunk User Behavior Analytics, Phantom]

2019-12-2433:47

Zero to Hero: A 202-Year-Old Firm’s Journey to End-to-End Security Visibility [Splunk Cloud, Splunk Enterprise Security, Phantom]

2019-12-24--:--

Make Your Security Tools Work Better Together Using Splunk's Adaptive Operations Framework [Splunk Enterprise, Splunk Enterprise Security, Phantom]

2019-12-24--:--

Mission Control: A Day in the Life of a Security Analyst [Splunk Enterprise Security, Splunk User Behavior Analytics, Phantom]

2019-12-24--:--

Our Splunk Phantom Journey: Implementation, Lessons Learned, and Playbook Walkthroughs [Splunk Enterprise, Phantom]

2019-12-24--:--

Pull up your SOCs 2.0 [Splunk Enterprise, Splunk Enterprise Security, Phantom]

2019-12-24--:--

Running Splunk in an Air-gapped environment [Splunk Enterprise, Splunk Enterprise Security, Phantom]

2019-12-24--:--

Scary (Spooky?) Fast Intelligence-Based Hunting with Splunk Phantom [Splunk Enterprise Security, Phantom]

2019-12-24--:--

Solving Endpoint Security & Perimeter Blindness with Splunk – Lessons from Cisco’s Internal InfoSec Deployment [Splunk Cloud, Splunk Enterprise Security, Phantom]

2019-12-24--:--

Soup to Nuts SRE: How to leverage ITSI, VictorOps and Phantom to be a site reliability engineering super hero [Splunk Enterprise, Splunk IT Service Intelligence, Phantom, VictorOps]

2019-12-24--:--

Splunk Phantom Ignition: Getting Automation Off the Ground and Working for You [Phantom]

2019-12-24--:--

Step Up Your Defenses with End-To-End Detection, Investigation, and Response [Splunk Enterprise Security, Splunk User Behavior Analytics, Phantom]

2019-12-24--:--

Survival of the Fastest: The 1-10-60 Rule [Splunk Enterprise, Splunk Enterprise Security, Phantom]

2019-12-24--:--

Tackle AWS Security Automatically with Splunk Phantom [Phantom]

2019-12-24--:--

The CISO’s Guide to Shutting Down Attacks Using the Dark Web + Live Dark Web Tour [Splunk Enterprise, Splunk Enterprise Security, Phantom]

2019-12-24--:--

Use Deception, Automated Response and Threat Emulation to Make Your Defense Proactive [Splunk Enterprise Security, Splunk Machine Learning Toolkit, Phantom, AI/ML]

2019-12-24--:--

Use Splunk SIEMulator to Generate Data for Automated Detection, Investigation, and Response [Splunk Enterprise Security, Splunk User Behavior Analytics, Phantom]

2019-12-24--:--

Deploying Splunk Enterprise Security and Splunk Phantom At Scale [Splunk Enterprise, Splunk Enterprise Security, Phantom]

2019-12-24--:--

Differentiating Evil from Benign in the Normally Abnormal World [Splunk Enterprise Security, Splunk IT Service Intelligence, Phantom]

2019-12-24--:--

Diving into Splunk Phantom's Overlooked Features [Phantom]

2019-12-24--:--

00:00

Use Deception, Automated Response and Threat Emulation to Make Your Defense Proactive [Splunk Enterprise Security, Splunk Machine Learning Toolkit, Phantom, AI/ML]

#box-pro-ellipsis-176120039637995{-webkit-line-clamp:2;}Use Deception, Automated Response and Threat Emulation to Make Your Defense Proactive [Splunk Enterprise Security, Splunk Machine Learning Toolkit, Phantom, AI/ML]

Use Deception, Automated Response and Threat Emulation to Make Your Defense Proactive [Splunk Enterprise Security, Splunk Machine Learning Toolkit, Phantom, AI/ML]

Splunk

Use Deception, Automated Response and Threat Emulation to Make Your Defense Proactive [Splunk Enterprise Security, Splunk Machine Learning Toolkit, Phantom, AI/ML]