© 2022 SPLUNK INC.
Security Session
15 November, Köln
© 2019 SPLUNK INC.
Matthias Maier
Product Marketing Director for Security in EMEA
Experience
• Since 02.2013 @Splunk
• Former LogLogic/TIBCO, McAfee/Intel Security
• CEH, CISSP, CISM
Agenda
• Cyber Security Trends
• Trends in Security Operations
• The Splunk Approach
• Security Product & Solution Update
• My Top 3 Security Breakouts
• Next Steps!
Double
Triple Extortion Ransomware
(triple punishment)
1989; Mid 2000 until Today
Finland Mental Health Triple Extortion
Allianz Global Corporate & Specialty
Breach of the non-disclosure and confidentiality agreements in contracts
Incident 1
Acquisition of credentials of employees / service providers / temporary workers
Incident 2
Destruction of a production facility
Incident 3
Legal Requirements and Recommendations
Government instruments
BSI Minimum Standards
IT Security Act 2.0 (IT-Sicherheitsgesetz 2.0)
KRITIS
Sector-based standards
BSI Minimum Standards
Example: BSI Minimum Standard for the Logging and Detection of Cyber Attacks
https://www.bsi.bund.de/DE/Themen/Oeffentliche-Verwaltung/Mindeststandards/PDCA/PDCA_node.html
§ 8a (1a): Attack detection
§ 8a (3): Evidence
§ 8b: Reporting obligation
§ 8a para. 1 BSIG - specification of the KRITIS requirements
Trends in Security Operations
Trend 1) The Evolution of SOCs
Typical SOC Function Triangle: Monitoring & Detection, Detection Engineering, Incident Response
Modern SOC: Monitoring & Detection, Detection Engineering, Incident Response & Hunting, Threat Intel
Modern Functional SOC: Monitoring & Detection, Detection Engineering, Incident Response & Hunting, Threat Intel; Info Sec, OT Sec, NOC, IOT Sec
Source: Gartner
Challenges today…
• Lack of Visibility
• Expanding Attack Surface
• Tooling Complexity
• Skilled Resource Constraints
Trend 2) New Roles in Security Operations
• Security Content Developer / Detection Engineer
• Automation Engineer
Trend 3) The data-centric modern SOC
Detection, investigation and response to digital threats
Data Platform
Intelligence Management
Threat Research
Analytics
Automation and Orchestration
Detect/Correlate
Predict/Prevent
Discover/Prepare
Analyze/Investigate
Report/Comply
Triage/Respond
Unparalleled Ecosystem
• Apps
• Technical architectures
• Connections
• Partners
• Community
Security Product & Solution Update
Our basic understanding
Security is a data problem
An incident is an incident
All data is security-relevant
The data-centric modern SOC
Detection, investigation and response to digital threats
Splunk Platform
Threat Intelligence Management
Splunk Threat Research / SURGe
Splunk Enterprise Security
Splunk SOAR
Splunkbase
• 2,700+ integrations
Detect/Correlate
Predict/Prevent
Discover/Prepare
Analyze/Investigate
Report/Comply
Triage/Respond
Splunk #1 Worldwide by Revenue in 2021 for SIEM
• Splunk is the SIEM market share leader for 2021 capturing 30% of the global market
• The Security market grew 23% YoY to $60B in 2021. SIEM market is now $4.1B growing 20% in 2021
• *Others = Vendors beyond the top 8 vendors in this space
Chart created by Splunk based on Gartner research.
Source: Gartner, Inc., Market Share: All Software Markets, Worldwide 2021; Neha Gupta; April 12, 2022.
Total Market: $4.1B (+20%)
Splunk: 30%
IBM: 17%
Microsoft: 11%
LogRhythm: 6%
Micro Focus: 5%
Exabeam: 4%
RSA: 4%
Securonix: 3%
Other: 21%
Splunk Recognized as a Leader in the 2022 Magic Quadrant for Security Information and Event Management
• Splunk named a Leader for the 9th time!
• One of the longest running recognitions in the history of the SIEM market.
• Splunk is in the top 3 vendors for Vision and Execution in the Leaders Quadrant, moving ahead of IBM in Vision and ahead of Exabeam and Securonix in Execution
Gartner disclaimer: Gartner, Inc., 2022 Magic Quadrant for Security Information and Event Management, and Critical Capabilities for
Security Information and Event Management, Pete Shoard, Andrew Davies, Mitchell Schneider. 11 October 2022. This graphic was
published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The
Gartner document is available upon request from Splunk. Gartner does not endorse any vendor, product or service depicted in its
research publications, and does not advise technology users to select only those vendors with the highest ratings or other
designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as
statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of
merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in
the U.S. and internationally and is used herein with permission. All rights reserved.
72,000 readers voted
Readers' Choice
PLATINUM
First place
SIEM & SOAR
Leveraging MITRE ATT&CK with Splunk
MITRE ATT&CK Tactics and Techniques
Data Sources
Detection Rules
Splunk Security Essentials
Browse, bookmark, and deploy 1100+ security detections and analytic stories
● Repository of Security Content for Splunk Cloud, Enterprise Security, UEBA, and SOAR
● Deploy security content within clicks
● Enrich notable events and run analytics with context from content library
● Stay up to date on ransomware + emerging threats
Splunk Enterprise Security
A data-centric, modern SIEM
• Gain insight into your security posture and investigate with speed and flexibility
• Reduce false positives by up to 80%, detect more sophisticated threats, and align security operations to industry frameworks
• Use pre-built detection and investigation content to more easily secure your AWS, Azure, and Google Cloud Platform data
• Scale to search and monitor terabytes of data per day
Advanced Analytics
● 700+ detections with 100+ cloud-based detections
● 30% increase in true-positive alert rates with Risk-Based Alerting (RBA)
● Enrich and prioritize alerts with integrated threat intelligence (Splunk Intelligence Management)
● Align security operations to industry frameworks (MITRE ATT&CK, NIST, CIS 20, and Kill Chain)
● Dive deep with intuitive search and investigation capabilities
Boost productivity
Splunk SOAR
• Effortless Automation through a Simplified Interface
• Decreased dependence on custom code
• Definable playbook inputs and outputs reduce automation development time
• Scale Automation Efficiently and Quickly with Modular Playbooks
Boost productivity
My Must Watch Sessions
There are many other good ones!
• Got Assets? Defending Your Assets Part Two: You Asked for It! (SEC1219B)
  https://conf.splunk.com/watch/conf-online.html?search=SEC1219B#/
• One App To Rule Them All: Applying Machine Learning To Find Them (SEC1471B)
  https://conf.splunk.com/watch/conf-online.html?search=SEC1471B#/
• Build Detection as Code Like the Splunk Threat Research Team (SEC1197C)
  https://conf.splunk.com/watch/conf-online.html?search=SEC1197C#/
Threat Research Engineer
Cyber Security Unit Manager
Security Engineer
Senior SOAR Engineer
Got Assets? Defending Your Assets Part Two: You Asked for It!
One App To Rule Them All: Applying Machine Learning To Find Them
Build Detection as Code Like the Splunk Threat Research Team
Next Steps
SecOps Journey
a) Schedule in-house for your team!
b) Attend Online (https://events.splunk.com/EMEA_Security_Workshops)
BOTS Platform
https://bots.splunk.com
• 24x7 Access
• Login with Splunk.com account (just like Splunkbase)
• Used for all BOTS competition events
• More content to be added
Thank You!
One Cisco - Splunk Public Sector Summit Germany April 2025
Splunk
 
.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine.conf Go 2023 - Data analysis as a routine
.conf Go 2023 - Data analysis as a routine
Splunk
 
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
.conf Go 2023 - How KPN drives Customer Satisfaction on IPTV
Splunk
 
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica).conf Go 2023 - Navegando la normativa SOX (Telefónica)
.conf Go 2023 - Navegando la normativa SOX (Telefónica)
Splunk
 
.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International.conf Go 2023 - Raiffeisen Bank International
.conf Go 2023 - Raiffeisen Bank International
Splunk
 
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett .conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
.conf Go 2023 - På liv og død Om sikkerhetsarbeid i Norsk helsenett
Splunk
 
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär).conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
.conf Go 2023 - Many roads lead to Rome - this was our journey (Julius Bär)
Splunk
 
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu....conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
.conf Go 2023 - Das passende Rezept für die digitale (Security) Revolution zu...
Splunk
 
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever....conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
.conf go 2023 - Cyber Resilienz – Herausforderungen und Ansatz für Energiever...
Splunk
 
.conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex).conf go 2023 - De NOC a CSIRT (Cellnex)
.conf go 2023 - De NOC a CSIRT (Cellnex)
Splunk
 
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
conf go 2023 - El camino hacia la ciberseguridad (ABANCA)
Splunk
 
Splunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11ySplunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk - BMW connects business and IT with data driven operations SRE and O11y
Splunk
 
Ad

Recently uploaded (20)

Top 5 Mistakes to Avoid When Writing a Job Application
Top 5 Mistakes to Avoid When Writing a Job ApplicationTop 5 Mistakes to Avoid When Writing a Job Application
Top 5 Mistakes to Avoid When Writing a Job Application
Red Tape Busters
 
Disinformation in Society Report 2025 Key Findings
Disinformation in Society Report 2025 Key FindingsDisinformation in Society Report 2025 Key Findings
Disinformation in Society Report 2025 Key Findings
MariumAbdulhussein
 
Alec Lawler - A Passion For Building Brand Awareness
Alec Lawler - A Passion For Building Brand AwarenessAlec Lawler - A Passion For Building Brand Awareness
Alec Lawler - A Passion For Building Brand Awareness
Alec Lawler
 
Petslify Turns Pet Photos into Hug-Worthy Memories
Petslify Turns Pet Photos into Hug-Worthy MemoriesPetslify Turns Pet Photos into Hug-Worthy Memories
Petslify Turns Pet Photos into Hug-Worthy Memories
Petslify
 
Solaris Resources Presentation - Corporate April 2025.pdf
Solaris Resources Presentation - Corporate April 2025.pdfSolaris Resources Presentation - Corporate April 2025.pdf
Solaris Resources Presentation - Corporate April 2025.pdf
pchambers2
 
Harnessing Hyper-Localisation: A New Era in Retail Strategy
Harnessing Hyper-Localisation: A New Era in Retail StrategyHarnessing Hyper-Localisation: A New Era in Retail Strategy
Harnessing Hyper-Localisation: A New Era in Retail Strategy
RUPAL AGARWAL
 
Affinity.co Lifecycle Marketing Presentation
Affinity.co Lifecycle Marketing PresentationAffinity.co Lifecycle Marketing Presentation
Affinity.co Lifecycle Marketing Presentation
omiller199514
 
TNR Gold Investor Summary - Building The Green Energy Metals Royalty and Gold...
TNR Gold Investor Summary - Building The Green Energy Metals Royalty and Gold...TNR Gold Investor Summary - Building The Green Energy Metals Royalty and Gold...
TNR Gold Investor Summary - Building The Green Energy Metals Royalty and Gold...
Kirill Klip
 
From Dreams to Threads: The Story Behind The Chhapai
From Dreams to Threads: The Story Behind The ChhapaiFrom Dreams to Threads: The Story Behind The Chhapai
From Dreams to Threads: The Story Behind The Chhapai
The Chhapai
 
Treis & Friends One sheet - Portfolio IV
Treis & Friends One sheet - Portfolio IVTreis & Friends One sheet - Portfolio IV
Treis & Friends One sheet - Portfolio IV
aparicioregina7
 
Network Detection and Response (NDR): The Future of Intelligent Cybersecurity
Network Detection and Response (NDR): The Future of Intelligent CybersecurityNetwork Detection and Response (NDR): The Future of Intelligent Cybersecurity
Network Detection and Response (NDR): The Future of Intelligent Cybersecurity
GauriKale30
 
Mexico Office Furniture Market Share, Size, Growth & Trends (2025-2034)
Mexico Office Furniture Market Share, Size, Growth & Trends (2025-2034)Mexico Office Furniture Market Share, Size, Growth & Trends (2025-2034)
Mexico Office Furniture Market Share, Size, Growth & Trends (2025-2034)
janewatson684
 
Salesforce_Architecture_Diagramming_Workshop (1).pptx
Salesforce_Architecture_Diagramming_Workshop (1).pptxSalesforce_Architecture_Diagramming_Workshop (1).pptx
Salesforce_Architecture_Diagramming_Workshop (1).pptx
reinbauwens1
 
20250428 CDB Investor Deck_Apr25_vFF.pdf
20250428 CDB Investor Deck_Apr25_vFF.pdf20250428 CDB Investor Deck_Apr25_vFF.pdf
20250428 CDB Investor Deck_Apr25_vFF.pdf
yihong30
 
The Rise of Payroll Outsourcing in the UK: Key Statistics for 2025
The Rise of Payroll Outsourcing in the UK: Key Statistics for 2025The Rise of Payroll Outsourcing in the UK: Key Statistics for 2025
The Rise of Payroll Outsourcing in the UK: Key Statistics for 2025
QX Accounting Services Ltd
 
The Peter Cowley Entrepreneurship Event Master 30th.pdf
The Peter Cowley Entrepreneurship Event Master 30th.pdfThe Peter Cowley Entrepreneurship Event Master 30th.pdf
The Peter Cowley Entrepreneurship Event Master 30th.pdf
Richard Lucas
 
EquariusAI analytics for business water risk
EquariusAI analytics for business water riskEquariusAI analytics for business water risk
EquariusAI analytics for business water risk
Peter Adriaens
 
waterBeta white paper - 250202- two-column.docx
waterBeta white paper - 250202- two-column.docxwaterBeta white paper - 250202- two-column.docx
waterBeta white paper - 250202- two-column.docx
Peter Adriaens
 
The Fascinating World of Hats: A Brief History of Hats
The Fascinating World of Hats: A Brief History of HatsThe Fascinating World of Hats: A Brief History of Hats
The Fascinating World of Hats: A Brief History of Hats
nimrabilal030
 
2_English_Vocabulary_In_Use_Pre-Intermediate_Cambridge_-_Fourth_Edition (1).pdf
2_English_Vocabulary_In_Use_Pre-Intermediate_Cambridge_-_Fourth_Edition (1).pdf2_English_Vocabulary_In_Use_Pre-Intermediate_Cambridge_-_Fourth_Edition (1).pdf
2_English_Vocabulary_In_Use_Pre-Intermediate_Cambridge_-_Fourth_Edition (1).pdf
ThiNgc22
 
Top 5 Mistakes to Avoid When Writing a Job Application
Top 5 Mistakes to Avoid When Writing a Job ApplicationTop 5 Mistakes to Avoid When Writing a Job Application
Top 5 Mistakes to Avoid When Writing a Job Application
Red Tape Busters
 
Disinformation in Society Report 2025 Key Findings
Disinformation in Society Report 2025 Key FindingsDisinformation in Society Report 2025 Key Findings
Disinformation in Society Report 2025 Key Findings
MariumAbdulhussein
 
Alec Lawler - A Passion For Building Brand Awareness
Alec Lawler - A Passion For Building Brand AwarenessAlec Lawler - A Passion For Building Brand Awareness
Alec Lawler - A Passion For Building Brand Awareness
Alec Lawler
 
Petslify Turns Pet Photos into Hug-Worthy Memories
Petslify Turns Pet Photos into Hug-Worthy MemoriesPetslify Turns Pet Photos into Hug-Worthy Memories
Petslify Turns Pet Photos into Hug-Worthy Memories
Petslify
 
Solaris Resources Presentation - Corporate April 2025.pdf
Solaris Resources Presentation - Corporate April 2025.pdfSolaris Resources Presentation - Corporate April 2025.pdf
Solaris Resources Presentation - Corporate April 2025.pdf
pchambers2
 
Harnessing Hyper-Localisation: A New Era in Retail Strategy
Harnessing Hyper-Localisation: A New Era in Retail StrategyHarnessing Hyper-Localisation: A New Era in Retail Strategy
Harnessing Hyper-Localisation: A New Era in Retail Strategy
RUPAL AGARWAL
 
Affinity.co Lifecycle Marketing Presentation
Affinity.co Lifecycle Marketing PresentationAffinity.co Lifecycle Marketing Presentation
Affinity.co Lifecycle Marketing Presentation
omiller199514
 
TNR Gold Investor Summary - Building The Green Energy Metals Royalty and Gold...
TNR Gold Investor Summary - Building The Green Energy Metals Royalty and Gold...TNR Gold Investor Summary - Building The Green Energy Metals Royalty and Gold...
TNR Gold Investor Summary - Building The Green Energy Metals Royalty and Gold...
Kirill Klip
 
From Dreams to Threads: The Story Behind The Chhapai
From Dreams to Threads: The Story Behind The ChhapaiFrom Dreams to Threads: The Story Behind The Chhapai
From Dreams to Threads: The Story Behind The Chhapai
The Chhapai
 
Treis & Friends One sheet - Portfolio IV
Treis & Friends One sheet - Portfolio IVTreis & Friends One sheet - Portfolio IV
Treis & Friends One sheet - Portfolio IV
aparicioregina7
 
Network Detection and Response (NDR): The Future of Intelligent Cybersecurity
Network Detection and Response (NDR): The Future of Intelligent CybersecurityNetwork Detection and Response (NDR): The Future of Intelligent Cybersecurity
Network Detection and Response (NDR): The Future of Intelligent Cybersecurity
GauriKale30
 
Mexico Office Furniture Market Share, Size, Growth & Trends (2025-2034)
Mexico Office Furniture Market Share, Size, Growth & Trends (2025-2034)Mexico Office Furniture Market Share, Size, Growth & Trends (2025-2034)
Mexico Office Furniture Market Share, Size, Growth & Trends (2025-2034)
janewatson684
 
Salesforce_Architecture_Diagramming_Workshop (1).pptx
Salesforce_Architecture_Diagramming_Workshop (1).pptxSalesforce_Architecture_Diagramming_Workshop (1).pptx
Salesforce_Architecture_Diagramming_Workshop (1).pptx
reinbauwens1
 
20250428 CDB Investor Deck_Apr25_vFF.pdf
20250428 CDB Investor Deck_Apr25_vFF.pdf20250428 CDB Investor Deck_Apr25_vFF.pdf
20250428 CDB Investor Deck_Apr25_vFF.pdf
yihong30
 
The Rise of Payroll Outsourcing in the UK: Key Statistics for 2025
The Rise of Payroll Outsourcing in the UK: Key Statistics for 2025The Rise of Payroll Outsourcing in the UK: Key Statistics for 2025
The Rise of Payroll Outsourcing in the UK: Key Statistics for 2025
QX Accounting Services Ltd
 
The Peter Cowley Entrepreneurship Event Master 30th.pdf
The Peter Cowley Entrepreneurship Event Master 30th.pdfThe Peter Cowley Entrepreneurship Event Master 30th.pdf
The Peter Cowley Entrepreneurship Event Master 30th.pdf
Richard Lucas
 
EquariusAI analytics for business water risk
EquariusAI analytics for business water riskEquariusAI analytics for business water risk
EquariusAI analytics for business water risk
Peter Adriaens
 
waterBeta white paper - 250202- two-column.docx
waterBeta white paper - 250202- two-column.docxwaterBeta white paper - 250202- two-column.docx
waterBeta white paper - 250202- two-column.docx
Peter Adriaens
 
The Fascinating World of Hats: A Brief History of Hats
The Fascinating World of Hats: A Brief History of HatsThe Fascinating World of Hats: A Brief History of Hats
The Fascinating World of Hats: A Brief History of Hats
nimrabilal030
 
2_English_Vocabulary_In_Use_Pre-Intermediate_Cambridge_-_Fourth_Edition (1).pdf
2_English_Vocabulary_In_Use_Pre-Intermediate_Cambridge_-_Fourth_Edition (1).pdf2_English_Vocabulary_In_Use_Pre-Intermediate_Cambridge_-_Fourth_Edition (1).pdf
2_English_Vocabulary_In_Use_Pre-Intermediate_Cambridge_-_Fourth_Edition (1).pdf
ThiNgc22
 

Splunk Security Session - .conf Go Köln

  • 1. © 2022 SPLUNK INC. Security Session 15. November, Köln
  • 3. © 2019 SPLUNK INC. Matthias Maier Product Marketing Director for Security in EMEA Experience • Since 02.2013 @Splunk • Former LogLogic/TIBCO, McAfee/Intel Security • CEH, CISSP, CISM
  • 4. Agenda: Cyber Security Trends; Trends in Security Operations; The Splunk Approach; Security Product & Solution Update; My Top 3 Security Breakouts; Next Steps!
  • 6. Double Triple Extortion Ransomware (triple punishment). 1989; Mid 2000 until Today. Finland Mental Health Triple Extortion. Allianz Global Corporate & Specialty
  • 7. Incident 1: Breach of the non-disclosure and confidentiality agreements in contracts
  • 8. Incident 2: Acquisition of credentials of employees / service providers / temporary workers
  • 9. Incident 3: Destruction of a production facility
  • 10. Legal requirements and recommendations: State instruments; BSI minimum standards; IT Security Act 2.0 (IT-Sicherheitsgesetz 2.0); KRITIS; Sector-based standards
  • 11. BSI minimum standards. Example: BSI minimum standard for the logging and detection of cyber attacks (Mindeststandard des BSI zur Protokollierung und Detektion von Cyber-Angriffen) https://www.bsi.bund.de/DE/Themen/Oeffentliche-Verwaltung/Mindeststandards/PDCA/PDCA_node.html
  • 13. § 8a (1a) Attack detection; § 8a (3) Evidence; § 8b Reporting obligation. § 8a paragraph 1 BSIG - Specification of the KRITIS requirements
  • 14. Trends in Security Operations
  • 15. Trend 1) The Evolution of SOCs. Typical SOC Function Triangle: Monitoring & Detection, Detection Engineering, Incident Response. Modern SOC: Monitoring & Detection, Detection Engineering, Incident Response & Hunting, Threat Intel. Modern Functional SOC: Monitoring & Detection, Detection Engineering, Incident Response & Hunting, Threat Intel, Info Sec, OT Sec, NOC, IOT Sec. Source: Gartner
  • 16. Challenges today… Lack of Visibility; Expanding Attack Surface; Tooling Complexity; Skilled Resource Constraints
  • 17. Trend 2) New Roles in Security Operations: Security Content Developer / Detection Engineer; Automation Engineer
  • 18. Trend 3) The data-centric modern SOC: detection, investigation and response to digital threats. Data Platform; Intelligence Management; Threat Research; Analytics; Automation and Orchestration. Detect/Correlate; Predict/Prevent; Discover/Prepare; Analyze/Investigate; Report/Comply; Triage/Respond. Unparalleled Ecosystem • Apps • Technical architectures • Connections • Partners • Community
  • 19. Security Product & Solution Update
  • 20. Our basic understanding: Security is a data problem; An incident is an incident; All data is security-relevant
  • 21. The data-centric modern SOC: detection, investigation and response to digital threats. Splunk Platform; Threat Intelligence Management; Splunk Threat Research / SURGe; Splunk Enterprise Security; Splunk SOAR; Splunkbase • 2,700+ integrations. Detect/Correlate; Predict/Prevent; Discover/Prepare; Analyze/Investigate; Report/Comply; Triage/Respond
  • 22. Splunk #1 Worldwide by Revenue in 2021 for SIEM • Splunk is the SIEM market share leader for 2021 capturing 30% of the global market • The Security market grew 23% YoY to $60B in 2021. SIEM market is now $4.1B growing 20% in 2021 • *Others = Vendors beyond the top 8 vendors in this space. Chart created by Splunk based on Gartner research. Source: Gartner, Inc., Market Share: All Software Markets, Worldwide 2021; Neha Gupta; April 12, 2022. [Chart: Total Market $4.1B, +20%. Legend: Splunk, IBM, Microsoft, LogRhythm, Micro Focus, Exabeam, RSA, Securonix, Other. Labels: 30%, 17%, 11%, 6%, 5%, 4%, 4%, 3%, 21%]
  • 23. Splunk Recognized as a Leader in the 2022 Magic Quadrant for Security Information and Event Management • Splunk named a Leader for the 9th time! • One of the longest running recognitions in the history of the SIEM market. • Splunk is in the top 3 vendors for Vision and Execution in the Leaders Quadrant, moving ahead of IBM in Vision and ahead of Exabeam and Securonix in Execution. Gartner disclaimer: Gartner, Inc., 2022 Magic Quadrant for Security Information and Event Management, and Critical Capabilities for Security Information and Event Management, Pete Shoard, Andrew Davies, Mitchell Schneider. 11 October 2022. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Splunk. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
  • 24. 72,000 readers voted. Readers Choice PLATINUM. First place SIEM & SOAR
  • 25. Leveraging MITRE ATT&CK with Splunk: MITRE ATT&CK Tactics and Techniques; Data Sources; Detection Rules
  • 26. Splunk Security Essentials: Browse, bookmark, and deploy 1100+ security detections and analytic stories ● Repository of Security Content for Splunk Cloud, Enterprise Security, UEBA, and SOAR ● Deploy security content within clicks ● Enrich notable events and run analytics with context from content library ● Stay up to date on ransomware + emerging threats
  • 27. Splunk Enterprise Security: A data-centric, modern SIEM • Gain insight into your security posture and investigate with speed and flexibility • Reduce false positives by up to 80%, detect more sophisticated threats, and align security operations to industry frameworks • Use pre-built detection and investigation content to more easily secure your AWS, Azure, and Google Cloud Platform data • Scale to search and monitor terabytes of data per day
  • 29. Advanced Analytics ● 700+ detections with 100+ cloud-based detections ● 30% increase in true-positive alert rates with Risk-Based Alerting (RBA) ● Enrich and prioritize alerts with integrated threat intelligence (Splunk Intelligence Management) ● Align security operations to industry frameworks (MITRE ATT&CK, NIST, CIS 20, and Kill Chain) ● Dive deep with intuitive search and investigation capabilities. Boost productivity
  • 30. Splunk SOAR • Effortless Automation through a Simplified Interface • Decreased dependence on custom code • Definable playbook inputs and outputs reduce automation development time • Scale Automation Efficiently and Quickly with Modular Playbooks. Boost productivity
  • 32. My Must Watch Sessions. There are many other good ones! Got Assets? Defending Your Assets Part Two: You Asked for It! (SEC1219B); One App To Rule Them All: Applying Machine Learning To Find Them (SEC1471B); Build Detection as Code Like the Splunk Threat Research Team (SEC1197C). Threat Research Engineer; Cyber Security Unit Manager; Security Engineer; Senior SOAR Engineer. https://conf.splunk.com/watch/conf-online.html?search=SEC1219B#/ https://conf.splunk.com/watch/conf-online.html?search=SEC1471B#/ https://conf.splunk.com/watch/conf-online.html?search=SEC1197C#/
  • 33. Got Assets? Defending Your Assets Part Two: You Asked for It!
  • 39. One App To Rule Them All: Applying Machine Learning To Find Them
  • 45. Build Detection as Code Like the Splunk Threat Research Team
  • 52. Next Steps: SecOps Journey a) Schedule in-house for your team! b) Attend Online (https://events.splunk.com/EMEA_Security_Workshops)
  • 53. BOTS Platform https://bots.splunk.com 24x7 Access. Login with Splunk.com account (just like Splunkbase). Used for all BOTS competition events. More content to be added
  • 54. Thank You!