Name: Enhance your Security Detections with Machine Learning
Start: 2022-09-22T12:00:00Z
End: 2022-09-22T12:00:45.000Z
Location: BrightTALK
Rating: 5

Splunk is helping to build a safer and more resilient digital world by equipping customers with the unified security and observability platform they need to keep their organization securely up and running — no matter what digital disruptions come their way.

Digital transformation demands that ITOps evolve. As services become more complex and the data they generate continues to grow exponentially, ITOps teams need to enlist modern management solutions.

Join this session to see how Splunk can help you modernize your IT Operations to predictive AIOps in a crawl, walk, run fashion – regardless of where you are at today. You’ll learn how to quickly integrate your existing monitoring and IT Service Management data into the Splunk platform, and find out how to leverage powerful event correlation and predictive analytics in Splunk IT Service Intelligence to significantly reduce alert noise, accelerate root cause analysis and prevent incidents before they impact your customers.

During this session, we will cover:


How to leverage event correlation to group, prioritize and reduce alert noise
How to easily onboard, integrate, and visualize data from existing sources
Predictive service performance insights, including how issues can get fixed before customers are impacted

PRESENTERS:
Wes Cooper
Director, Product Marketing
Splunk

Kara Gillis
Senior Director, Product Management
Splunk

How to Modernize IT Operations with Splunk ITSI: A Journey to Predictive AIOps

Want to accelerate your ability to predict and prevent incidents before they occur? Learn how Splunk AI can be the catalyst. Join us to learn how to get started using Splunk AI for Predictive Maintenance, Detecting Service Performance Issues, Alert Noise Reduction, and User Experience Monitoring.

We'll introduce the AI impact assessment framework to assess objectives, risk, and execution capacity, demonstrate how to use custom Anomaly Detection with the Splunk Platform and discuss the embedded AI capabilities in Splunk Observability Cloud with a special focus on Splunk ITSI.

Tune into this session to learn how Splunk AI can help you:

-Predict and prevent incidents before they occur
-See how AIOps and Splunk's embedded AI capabilities can reduce alert noise, prevent outages, and enable faster remediation
-Learn how Splunk users are tackling AI use cases today

Presenters: 
Greg Ainslie-Mali
Field CTO & Strategic Advisor - Technology & Innovation
Splunk

Kelsey King
Machine Learning
Product Manager
Splunk

Annette Sheppard
Director
Product Marketing - AIOps
Splunk

Isha Gandhi
Product Manager
Observability for IT
Splunk

Splunk AI for Observability: Accelerate Detection, Investigation and Response

Security continues to command the spotlight in boardroom discussions, and companies are prioritizing cybersecurity like never before. From justifying the return on investment of security measures to preparing for increasingly sophisticated ransomware attacks or harnessing the power of generative AI, it’s clear that cyber risk is business risk.

Join Patrick Coughlin and Audra Streetman for their take on top of mind security topics for 2024, including:

- AI: The double-edged sword
- The [continued] elevated status of the CISO 
-The morphing of cyberwarfare
- Ransomware. Seriously, will we ever stop talking about this?
- Collaboration and integration for resilience

Splunk Security Predictions: What To Expect in 2024

Want to know how CISOs are addressing the latest threats, keeping up with AI and changing the security culture in their organization?

An independent research study of 350+ senior security executives revealed that 90% percent of CISOs have faced a disruptive attack in the last year. And while they’re adapting to stay on top of board expectations and ahead of cyber attackers, they aren’t getting much sleep at night.

Join this webinar for a deep-dive into the top findings from the study including why:

- 70% of security leaders believe AI benefits attackers more than defenders
- 47% of CISOs now report directly to the CEO
- 83% of CISOs paid attackers in the wake of a ransomware attack

The CISO Report: Emerging Trends, Threats and Strategies for Security Leaders

Wanting to accelerate your threat hunting? Learn how Splunk AI can be the catalyst. Join us to learn how to leverage the PEAK threat hunting framework and Splunk AI to find malware dictionary-DGA domains.

We'll introduce the PEAK framework, walk through the hunt step-by-step, and demonstrate how to turn a successful hunt into automated detection.

Tune into this session on-demand to learn how PEAK and Splunk AI can help you:

* Learn the basics of the PEAK threat hunting framework developed by Splunk’s SURGe security research team.
* Understand the power Splunk AI can bring to your threat hunts.
* See how to create automated detections from your successful hunts.

Model Assisted Threat Hunting Powered by PEAK & Splunk AI

Staying ahead of threat actors is becoming increasingly more difficult as the volume of phishing and malware attacks dramatically increases quarter over quarter, phishing campaigns continue to become more sophisticated, and analysts are overwhelmed with daily alerts.

While detection-based products play a critical role in alerting security teams to an attack, analysts need additional visibility and context to fully understand the scope of an incident and respond as quickly as possible.

Join Neal Iyer, Senior Principal Product Manager at Splunk, and Casey Wopat, Principal Product Marketing Manager, for an overview and demo of Splunk Attack Analyzer to learn how automated threat analysis helps security teams:

Take the manual work out of credential phishing and malware threat analysis to efficiently handle large volumes of alerts and save analysts time.

Gain consistent, comprehensive, high-quality threat analysis fully understand the scope of complex attack chains.
Build intelligent automation for end-to-end threat analysis and response by pairing Splunk Attack Analyzer with Splunk SOAR.

Reduce Investigation and Response Time With Automated Threat Analysis

Mit Florian Jörgens, Chief Information Security Officer (CISO) bei Vorwerk, Hochschuldozent, Autor und wissenschaftlicher Mitarbeiter. Außerdem mit dabei: Matthias Maier, EMEA Cyber Security Market Advisor bei Splunk.

Das Unternehmen Vorwerk kennt praktisch jede und jeder. Nicht nur, weil der Wuppertaler Hersteller elektrischer Haushaltsgeräte bereits seit Generationen Staubsauger wie den Kobold, Küchenmaschinen wie den Thermomix und weitere Haushaltshelfer wie das Teegerät Temial in die deutschen Haushalte bringt. Einzigartig ist auch das Vertriebsmodell des 1883 gegründeten Unternehmens, dessen wichtigste Säule bis heute der Direktvertrieb ist. Dabei agiert das Traditionsunternehmen unter anderem mit seinem Rezept-Portal „Cookiedoo“ absolut auf der Höhe der Zeit: Über das Internet kann sich die inzwischen millionenschwere Thermomix-Nutzergemeinde ganz einfach per Klick tausende Rezepte auf die Küchenmaschine laden und gleich ausprobieren.

Für die IT-Sicherheit in der vernetzten Vorwerk-Welt sorgt CISO Florian Jörgens. Er kümmert sich um alle Themen rund um die Informationssicherheit: von der Sicherheitsstrategie über die Implementierung von Prozessen und Technologien bis hin zu Sensibilisierungsmaßnahmen bei den Mitarbeitenden. In unserer neuesten Podcastfolge erklärt Florian, wie er die CISO-Rolle versteht, warum diese so wichtig für die digitale Resilienz von Unternehmen ist und gibt praktische Tipps an seine Fachkollegen.

Folge 4 | Cyber-Resilienz bei Vorwerk: Praktische Tipps für CISOs

Mit Prof. Dr. Dennis-Kenji Kipker, Rechtswissenschaftler und Experte für Innovation, IT-Strategie und Cyber Compliance. Er zählt zu den führenden Köpfen im Bereich Cybersecurity in Deutschland. Dennis forscht an der Schnittstelle von Recht und Technologie in den Bereichen Cybersecurity, Datenschutz und digitale Resilienz im Kontext globaler Krisen. Außerdem mit dabei: Nadja Gronau, Leiterin des Public Sector Teams von Splunk in Deutschland.

Die Digitalisierung hat in den vergangenen Jahren in vielen Branchen von der Automobilindustrie bis zur Medizin revolutionäre Entwicklungen ausgelöst. Allerdings hat auch die „dunkle Seite“ in dieser Zeit nicht geschlafen und digital aufgerüstet. Mithilfe von Deep Fakes und Social Engineering – um nur zwei Beispiele krimineller Täuschungsmanöver über das Web zu nennen – versuchen Cyber-Kriminelle Unternehmen wie auch staatliche Organisationen auszunehmen, zu betrügen, zu erpressen oder ihnen einfach „nur“ zu schaden.

Tradierte Abwehrmechanismen helfen hier längst nicht mehr – aber was kann schützen? Diese Frage steht im Fokus der dritten Folge unserer Podcast-Reihe. Unsere Gäste Prof. Dr. Dennis Kenji-Kipker und Nadja Gronau von Splunk erläutern aus ihrer jeweiligen Position und beruflichen Erfahrung heraus, warum es mehr braucht als adäquate Cyber-Resilienz um sich vor „intelligenten“ Angriffen zu schützen: nämlich Cyber Intelligence. Wir sprechen mit den beiden Experten darüber, was sich hinter dem Begriff genau verbirgt und was erforderlich ist, eine intelligente Abwehr von Cyber-Bedrohungen zu implementieren beziehungsweise an den Start zu bringen. Sowohl Nadja als auch Dennis zeigen anhand zahlreicher Beispiele aus der Praxis die Dos and Don’ts von Cyber Intelligence auf.

Folge 3 | Cyber-Resilienz needs Cyber-Intelligence

Fouad Latrech, Global CTO, revient sur son arrivée chez Decathlon en 2019. Avec une ruée sur le sport pendant le confinement, le pic de trafic en ligne l’a poussé à devoir stabiliser en urgence l’infrastructure des plateformes eCommerce. Une marche forcée vers le digital qui a conduit l’entreprise à repenser durablement la notion de stock, les offres produits, les business models ou l’innovation. Il évoque également d’autres défis à l’international, comme les risques cyber, la compliance, ou encore la gouvernance.

Épisode 3 : Decathlon : une culture agile à l'international

Arrivée chez le géant de la grande distribution en plein confinement, Katia Statuto, RSSI chez Carrefour, nous raconte dans cet épisode l’accélération forcée vers le e-commerce, l’accompagnement à la résilience des consommateurs ou encore les limites de la régulation.

Comment Carrefour a transformé la crise sanitaire en tremplin pour se réinventer

Mit Karsten Mostersteg, ehemals Head of Global IT Service Operation der ISS Facility Services Holding GmbH, wo er den Grundstein für die heutige IT- und Prozesslandschaft legte, unter anderem indem er die Ablösung eines Full-Outsourcings realisierte.

In Folge 2 werfen wir einen Blick auf die Bedeutung des Themas Resilienz für den IT-Betrieb. Karsten hat im Zusammenhang mit zahlreichen M&As, Carve-Outs und Großkundenprojekten bei ISS Deutschland manchmal durchaus leidvoll erfahren, wie wichtig es ist, Störungen bewältigen zu können, um den Betrieb einer IT-Organisation aufrechtzuerhalten. Wir sprechen mit ihm darüber, was operative Resilienz aus Unternehmenssicht bedeutet und gehen der Frage nach, ob und wie sich digitale Resilienz im Unternehmen messen und damit ihre Wirkung belegen lässt. Karsten erklärt außerdem, warum Standards für ihn das A&O eines resilienten IT-Betriebs sind, wieso er ZDF gegenüber RTL den Vorzug gibt (Spoiler: wir sprechen hier nicht übers Fernsehen) und weshalb Resilienz nicht ohne Plan B funktioniert – also Rück- und Fehlschläge schlicht zum Unternehmensalltag gehören. Und er erklärt nicht zuletzt, wie dieser Plan B aussehen und was er enthalten muss.

Folge 2 | Resilienter IT-Betrieb: Was wirklich dazugehört.

Patrick Prosper, RSSI de Groupama, nous parle de son équipe, qui tente de résister à des chocs majeurs comme les cyber-attaques et les fuites de données, de la résilience comme un état d’esprit, d’une gestion de crise réussie, de DORA (mais pas l’exploratrice), et même de Wolverine !

Épisode 1 : Comment Groupama s’assure d’être résilient face aux crises

Folge 1 | Digitale Resilienz: Warum sie heute alternativlos ist.

Mit Petra Jenner, Senior Vice President und General Manager für Europa, den Nahen Osten und Afrika bei Splunk

In unserer ersten Episode begrüßen wir Petra Jenner, die mit uns die Bedeutung von Resilienz sowohl für individuelle Karrieren als auch für den dauerhaften Unternehmenserfolg diskutiert. Wir sprechen über Herausforderungen von Unternehmen, die in hybriden Multi-Cloud-Umgebungen agieren, sehen uns Lösungen für das wachsende Problem des Fachkräftemangels an und betrachten die Bedeutung von digitaler Resilienz und wie sie Unternehmen hilft, unausweichliche Disruptionen in ihren Geschäftsprozessen zu erkennen und erfolgreich zu bewältigen. Unter anderem stellen wir dabei erfolgreiche Beispiele von BMW, der DKB und Puma vor.

Folge 1 | Digitale Resilienz: Warum sie heute alternativlos ist.

Bien que l’Observabilité soit le dernier mot à la mode du monde « cloud native », il ne s’agit que d’une étape dans votre stratégie de résilience digitale. L’objectif de cette session est de comprendre comment étendre l’Observabilité aux services « métier», comment traduire ses KPIs techniques en impact commerciaux et comment fournir une  vraie visibilité de bout en bout, de l’application d’e-Commerce dans le cloud, au processus de fabrication (IoT) jusqu’à la facturation, en un seul et unique dashboard.

Speakers : 
Stéphane Estevez : EMEA Product Marketing Director
Pierrick Planchon : Staff Sales Engineer

La trilogie de l’observabilité -Episode 3: Observabilité la revanche des métiers

Toute approche d’observabilité commence par la collecte des données de télémétrie. Le projet open source, OpenTelemetry (OTel) s’est imposé comme le nouveau standard de facto du marché pour la collecte des logs, traces et métriques.
Lors de cette session, apprenez ce qu’est OTel, ses avantages et limitations, comment le déployer et surtout pourquoi ce sera votre dernier projet de collecte qui fera plaisir à vos équipes d’experts et réduira la dette technique de votre DSI.

Speakers : 
Stéphane Estevez : EMEA Product Marketing Director
Pierrick Planchon : Staff Sales Engineer

La trilogie de l’observabilité - Episode 2 : OpenTelemetry un nouvel espoir

Recent Enterprise Strategy Group (ESG) research reports that 90% of organizations are actively automating security operations processes to scale efforts alongside the exponential amount of data, networks, identities, and assets they need to protect.

However, sourcing the right tools—like SOAR—time, software development skills, and process immaturity all seek to stall these efforts. 

In this exclusive Fireside Chat session, experts from Deloitte and Splunk join Jon Oltsik, Distinguished Analyst & Fellow at ESG, to demystify the current state of security operations process automation, fueled by vendor agnostic ESG research, and to navigate these roadblocks. 

Register for the session—planned for October 19th at 1PM EST—to also learn: 
     • What are the key business cases for security operations process automation?
     • How are Splunk and Deloitte addressing common roadblocks in this area?
     • 5 SOAR use cases & benefits

The State of Security Operations Process Automation and SOAR

L’observabilité est le dernier “buzzword » du monde du DevOps, pourtant chaque éditeur et chaque entreprise en a sa propre définition. Le marché est plus confus que jamais. Lors de cette session nous aborderons les idées reçues, les pièges techniques à éviter et leurs conséquences pour les métiers ; vous serez en mesure de poser les questions qui fâchent, différencier l’observabilité du monitoring, et définir la première étape de votre stratégie d’observabilité grâce à des approches de type OpenTelemetry.

Speakers:
Stéphane Estevez : EMEA Product Marketing Director 
Pierrick Planchon : Staff Sales Engineer

La trilogie de l’observabilité - Episode 1 : Le côté obscur de l’observabilité

According to Enterprise Strategy Group (ESG), only 4% of organizations can deliver real-time data insights to business decision-makers, with another 45% reporting that it takes weeks or longer to provide these insights. Eliminating data silos and embracing modern analytics is essential for developing a resilient supply chain and quickly getting real-time data into the hands of decision-makers.

Join us in this fireside chat featuring supply chain experts from ESG, Accenture and Splunk to learn about:
• 3 common supply chain challenges and how you can overcome them
• Why data insights & analytics are key to creating more resilient supply chains
• How to use Generative AI for data insights

Building a Resilient Supply Chain with Splunk and Accenture

Detection engineers consistently come up with excellent rules and heuristics to detect malicious and anomalous behaviors in their environment; a perfect example of this is password spraying. But since we can’t have nice things, there is always software or behaviors that violate the base assumption for that detection. This doesn’t invalidate the rule, but it does require that the rule have exceptions built into the rules. Doing this manually is tedious and time consuming. When a rule consistently gives false positives, it is natural and understandable to just ignore the rule. But that comes at the expense of when the rule detects something that is malicious.

In this talk we will use password spraying as an example use case to showcase how detections can be matured through the use of Machine Learning.

- Join our webinar, “Enhance your Security Detections with Machine Learning” and learn:
- How to take a data driven approach to detection development
- How to mature a detection to detect increasingly sophisticated attackers
- How to use Splunk’s Machine Learning Toolkit to understand behaviors

Enhance your Security Detections with Machine Learning

IT Operations

Monitoring

Cloud monitoring

Cloud Applications

Cloud Infrastructure

Infrastructure Management

Cloud Management

Application Monitoring

IT Infrastructure

Cloud Architecture

Get powerful e-commerce insights to grow your online transaction volume. Connect with thought leaders and colleagues to get the most up-to-date knowledge on the e-commerce strategies and techniques that drive growth.

E-commerce

The marketing community on BrightTALK is made up of thousands of engaged marketing professionals. Find relevant webinars and videos on marketing strategy, branding and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Marketing

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Get powerful insights on how to best serve today's customers. If you want to create a successful customer experience today, you will have to appeal to the need for “alone together” time. Millennials, Gen X, Boomers or Silent Generation all look for shared but individual experiences.

Customer Experience

The sales community on BrightTALK brings together thousands of engaged sales professionals. Learn about careers in IT sales and marketing, sales techniques and selling strategies. Join the discussion by participating in on-demand and live sales webinars and summits with leaders in the sales industry.

Sales

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Enhance your Security Detections with Machine Learning

Presented by

About this talk

More from this channel