Splunk [Phantom] 2019 .conf Videos w/ Slides
by Splunk
December 24, 2019 11:10 am
Would you be able to detect a sophisticated adversary targeting your Kubernetes clusters and workloads tonight? How do busy teams with stacked backlogs find time to learn how to attack Kubernetes clusters, detect those attacks, and build defenses to reduce the attack surface? We will demonstrate an effective purple team methodology that “uses every part of the buffalo” by 1) executing attacks on Kubernetes using the open source tool Peirates, 2) tracking the attack artifacts from the adversary simulation in Splunk, 3) teaching the defenders how the attack was performed and where to look for forensic artifacts, and 4) working together in the purple-est way possible to improve detection and response capabilities using Splunk Enterprise Security, Splunk Phantom, and Peirates.
Speaker(s)
Brian Genz, Senior Manager, Threat & Vulnerability Mgmt., Splunk
Jay Beale, CTO, InGuardians
Slides PDF link – https://conf.splunk.com/files/2019/slides/SEC2286.pdf?podcast=1577146237
Product: Splunk Enterprise Security, Phantom
Track: Security, Compliance and Fraud
Level: Advanced
Recent Episodes
Attacking and Defending Kubernetes: A Purple Team Approach to Improving Detection Using Splunk Enterprise Security, Splunk Phantom and Peirates [Splunk Enterprise Security, Phantom] (5 years ago)
ATT&CK™ Yourself Before Someone Else Does [Splunk Enterprise, Splunk Enterprise Security, Phantom] (5 years ago)
Automate Your Phishing Response with Splunk Enterprise Security, Splunk Phantom, and Machine Learning [Splunk Enterprise, Splunk Enterprise Security, Phantom] (5 years ago)
Best Practices for Rapid Containment of Incidents [Splunk Enterprise, Phantom] (5 years ago)
Beyond Tier 1 Automation: The Hidden Value of Splunk Phantom Automation for Security Operations [Splunk Enterprise, Phantom] (5 years ago)
Build Automated Decisions for Incident Response with Splunk Phantom [Splunk Enterprise, Phantom] (5 years ago)
Building a Security Monitoring Strategy 2.0 [Splunk Enterprise Security, Splunk Machine Learning Toolkit, Phantom] (5 years ago)
Deploying Splunk Enterprise Security and Splunk Phantom At Scale [Splunk Enterprise, Splunk Enterprise Security, Phantom] (5 years ago)
Differentiating Evil from Benign in the Normally Abnormal World [Splunk Enterprise Security, Splunk IT Service Intelligence, Phantom] (5 years ago)
Diving into Splunk Phantom's Overlooked Features [Phantom] (5 years ago)