Enhance your Security Detections with Machine Learning

Presented by

Jose Hernandez | Sr. Manager, Threat Research, Splunk
David Dorsey | Security Research, Splunk

About this talk

Detection engineers consistently come up with excellent rules and heuristics to detect malicious and anomalous behaviors in their environment; a perfect example of this is password spraying. But since we can’t have nice things, there is always software or behavior that violates the base assumption for that detection. This doesn’t invalidate the rule, but it does require that exceptions be built into it. Doing this manually is tedious and time-consuming. When a rule consistently gives false positives, it is natural and understandable to just ignore it, but that comes at the expense of missing the cases where the rule detects something that is malicious. In this talk we will use password spraying as an example use case to showcase how detections can be matured through the use of Machine Learning.

Join our webinar, “Enhance your Security Detections with Machine Learning” and learn:

- How to take a data-driven approach to detection development
- How to mature a detection to detect increasingly sophisticated attackers
- How to use Splunk’s Machine Learning Toolkit to understand behaviors

Splunk is helping to build a safer and more resilient digital world by equipping customers with the unified security and observability platform they need to keep their organization securely up and running — no matter what digital disruptions come their way.