Name: Model Assisted Threat Hunting Powered by PEAK & Splunk AI
Start: 2024-06-21T16:17:00Z
End: 2024-06-21T16:17:49.000Z
Location: BrightTALK
Rating: 0

Splunk is helping to build a safer and more resilient digital world by equipping customers with the unified security and observability platform they need to keep their organization securely up and running — no matter what digital disruptions come their way.

Security continues to command the spotlight in boardroom discussions, and companies are prioritizing cybersecurity like never before. From justifying the return on investment of security measures to preparing for increasingly sophisticated ransomware attacks or harnessing the power of generative AI, it’s clear that cyber risk is business risk.

Join Patrick Coughlin and Audra Streetman for their take on top of mind security topics for 2024, including:

- AI: The double-edged sword
- The [continued] elevated status of the CISO 
-The morphing of cyberwarfare
- Ransomware. Seriously, will we ever stop talking about this?
- Collaboration and integration for resilience

Splunk Security Predictions: What To Expect in 2024

Want to know how CISOs are addressing the latest threats, keeping up with AI and changing the security culture in their organization?

An independent research study of 350+ senior security executives revealed that 90% percent of CISOs have faced a disruptive attack in the last year. And while they’re adapting to stay on top of board expectations and ahead of cyber attackers, they aren’t getting much sleep at night.

Join this webinar for a deep-dive into the top findings from the study including why:

- 70% of security leaders believe AI benefits attackers more than defenders
- 47% of CISOs now report directly to the CEO
- 83% of CISOs paid attackers in the wake of a ransomware attack

The CISO Report: Emerging Trends, Threats and Strategies for Security Leaders

Staying ahead of threat actors is becoming increasingly more difficult as the volume of phishing and malware attacks dramatically increases quarter over quarter, phishing campaigns continue to become more sophisticated, and analysts are overwhelmed with daily alerts.

While detection-based products play a critical role in alerting security teams to an attack, analysts need additional visibility and context to fully understand the scope of an incident and respond as quickly as possible.

Join Neal Iyer, Senior Principal Product Manager at Splunk, and Casey Wopat, Principal Product Marketing Manager, for an overview and demo of Splunk Attack Analyzer to learn how automated threat analysis helps security teams:

Take the manual work out of credential phishing and malware threat analysis to efficiently handle large volumes of alerts and save analysts time.

Gain consistent, comprehensive, high-quality threat analysis fully understand the scope of complex attack chains.
Build intelligent automation for end-to-end threat analysis and response by pairing Splunk Attack Analyzer with Splunk SOAR.

Reduce Investigation and Response Time With Automated Threat Analysis

Mit Prof. Dr. Dennis-Kenji Kipker, Rechtswissenschaftler und Experte für Innovation, IT-Strategie und Cyber Compliance. Er zählt zu den führenden Köpfen im Bereich Cybersecurity in Deutschland. Dennis forscht an der Schnittstelle von Recht und Technologie in den Bereichen Cybersecurity, Datenschutz und digitale Resilienz im Kontext globaler Krisen. Außerdem mit dabei: Nadja Gronau, Leiterin des Public Sector Teams von Splunk in Deutschland.

Die Digitalisierung hat in den vergangenen Jahren in vielen Branchen von der Automobilindustrie bis zur Medizin revolutionäre Entwicklungen ausgelöst. Allerdings hat auch die „dunkle Seite“ in dieser Zeit nicht geschlafen und digital aufgerüstet. Mithilfe von Deep Fakes und Social Engineering – um nur zwei Beispiele krimineller Täuschungsmanöver über das Web zu nennen – versuchen Cyber-Kriminelle Unternehmen wie auch staatliche Organisationen auszunehmen, zu betrügen, zu erpressen oder ihnen einfach „nur“ zu schaden.

Tradierte Abwehrmechanismen helfen hier längst nicht mehr – aber was kann schützen? Diese Frage steht im Fokus der dritten Folge unserer Podcast-Reihe. Unsere Gäste Prof. Dr. Dennis Kenji-Kipker und Nadja Gronau von Splunk erläutern aus ihrer jeweiligen Position und beruflichen Erfahrung heraus, warum es mehr braucht als adäquate Cyber-Resilienz um sich vor „intelligenten“ Angriffen zu schützen: nämlich Cyber Intelligence. Wir sprechen mit den beiden Experten darüber, was sich hinter dem Begriff genau verbirgt und was erforderlich ist, eine intelligente Abwehr von Cyber-Bedrohungen zu implementieren beziehungsweise an den Start zu bringen. Sowohl Nadja als auch Dennis zeigen anhand zahlreicher Beispiele aus der Praxis die Dos and Don’ts von Cyber Intelligence auf.

Folge 3 | Cyber-Resilienz needs Cyber-Intelligence

Mit Florian Jörgens, Chief Information Security Officer (CISO) bei Vorwerk, Hochschuldozent, Autor und wissenschaftlicher Mitarbeiter. Außerdem mit dabei: Matthias Maier, EMEA Cyber Security Market Advisor bei Splunk.

Das Unternehmen Vorwerk kennt praktisch jede und jeder. Nicht nur, weil der Wuppertaler Hersteller elektrischer Haushaltsgeräte bereits seit Generationen Staubsauger wie den Kobold, Küchenmaschinen wie den Thermomix und weitere Haushaltshelfer wie das Teegerät Temial in die deutschen Haushalte bringt. Einzigartig ist auch das Vertriebsmodell des 1883 gegründeten Unternehmens, dessen wichtigste Säule bis heute der Direktvertrieb ist. Dabei agiert das Traditionsunternehmen unter anderem mit seinem Rezept-Portal „Cookiedoo“ absolut auf der Höhe der Zeit: Über das Internet kann sich die inzwischen millionenschwere Thermomix-Nutzergemeinde ganz einfach per Klick tausende Rezepte auf die Küchenmaschine laden und gleich ausprobieren.

Für die IT-Sicherheit in der vernetzten Vorwerk-Welt sorgt CISO Florian Jörgens. Er kümmert sich um alle Themen rund um die Informationssicherheit: von der Sicherheitsstrategie über die Implementierung von Prozessen und Technologien bis hin zu Sensibilisierungsmaßnahmen bei den Mitarbeitenden. In unserer neuesten Podcastfolge erklärt Florian, wie er die CISO-Rolle versteht, warum diese so wichtig für die digitale Resilienz von Unternehmen ist und gibt praktische Tipps an seine Fachkollegen.

Folge 4 | Cyber-Resilienz bei Vorwerk: Praktische Tipps für CISOs

Fouad Latrech, Global CTO, revient sur son arrivée chez Decathlon en 2019. Avec une ruée sur le sport pendant le confinement, le pic de trafic en ligne l’a poussé à devoir stabiliser en urgence l’infrastructure des plateformes eCommerce. Une marche forcée vers le digital qui a conduit l’entreprise à repenser durablement la notion de stock, les offres produits, les business models ou l’innovation. Il évoque également d’autres défis à l’international, comme les risques cyber, la compliance, ou encore la gouvernance.

Épisode 3 : Decathlon : une culture agile à l'international

Arrivée chez le géant de la grande distribution en plein confinement, Katia Statuto, RSSI chez Carrefour, nous raconte dans cet épisode l’accélération forcée vers le e-commerce, l’accompagnement à la résilience des consommateurs ou encore les limites de la régulation.

Comment Carrefour a transformé la crise sanitaire en tremplin pour se réinventer

Mit Karsten Mostersteg, ehemals Head of Global IT Service Operation der ISS Facility Services Holding GmbH, wo er den Grundstein für die heutige IT- und Prozesslandschaft legte, unter anderem indem er die Ablösung eines Full-Outsourcings realisierte.

In Folge 2 werfen wir einen Blick auf die Bedeutung des Themas Resilienz für den IT-Betrieb. Karsten hat im Zusammenhang mit zahlreichen M&As, Carve-Outs und Großkundenprojekten bei ISS Deutschland manchmal durchaus leidvoll erfahren, wie wichtig es ist, Störungen bewältigen zu können, um den Betrieb einer IT-Organisation aufrechtzuerhalten. Wir sprechen mit ihm darüber, was operative Resilienz aus Unternehmenssicht bedeutet und gehen der Frage nach, ob und wie sich digitale Resilienz im Unternehmen messen und damit ihre Wirkung belegen lässt. Karsten erklärt außerdem, warum Standards für ihn das A&O eines resilienten IT-Betriebs sind, wieso er ZDF gegenüber RTL den Vorzug gibt (Spoiler: wir sprechen hier nicht übers Fernsehen) und weshalb Resilienz nicht ohne Plan B funktioniert – also Rück- und Fehlschläge schlicht zum Unternehmensalltag gehören. Und er erklärt nicht zuletzt, wie dieser Plan B aussehen und was er enthalten muss.

Folge 2 | Resilienter IT-Betrieb: Was wirklich dazugehört.

Patrick Prosper, RSSI de Groupama, nous parle de son équipe, qui tente de résister à des chocs majeurs comme les cyber-attaques et les fuites de données, de la résilience comme un état d’esprit, d’une gestion de crise réussie, de DORA (mais pas l’exploratrice), et même de Wolverine !

Épisode 1 : Comment Groupama s’assure d’être résilient face aux crises

Folge 1 | Digitale Resilienz: Warum sie heute alternativlos ist.

Mit Petra Jenner, Senior Vice President und General Manager für Europa, den Nahen Osten und Afrika bei Splunk

In unserer ersten Episode begrüßen wir Petra Jenner, die mit uns die Bedeutung von Resilienz sowohl für individuelle Karrieren als auch für den dauerhaften Unternehmenserfolg diskutiert. Wir sprechen über Herausforderungen von Unternehmen, die in hybriden Multi-Cloud-Umgebungen agieren, sehen uns Lösungen für das wachsende Problem des Fachkräftemangels an und betrachten die Bedeutung von digitaler Resilienz und wie sie Unternehmen hilft, unausweichliche Disruptionen in ihren Geschäftsprozessen zu erkennen und erfolgreich zu bewältigen. Unter anderem stellen wir dabei erfolgreiche Beispiele von BMW, der DKB und Puma vor.

Folge 1 | Digitale Resilienz: Warum sie heute alternativlos ist.

Bien que l’Observabilité soit le dernier mot à la mode du monde « cloud native », il ne s’agit que d’une étape dans votre stratégie de résilience digitale. L’objectif de cette session est de comprendre comment étendre l’Observabilité aux services « métier», comment traduire ses KPIs techniques en impact commerciaux et comment fournir une  vraie visibilité de bout en bout, de l’application d’e-Commerce dans le cloud, au processus de fabrication (IoT) jusqu’à la facturation, en un seul et unique dashboard.

Speakers : 
Stéphane Estevez : EMEA Product Marketing Director
Pierrick Planchon : Staff Sales Engineer

La trilogie de l’observabilité -Episode 3: Observabilité la revanche des métiers

Toute approche d’observabilité commence par la collecte des données de télémétrie. Le projet open source, OpenTelemetry (OTel) s’est imposé comme le nouveau standard de facto du marché pour la collecte des logs, traces et métriques.
Lors de cette session, apprenez ce qu’est OTel, ses avantages et limitations, comment le déployer et surtout pourquoi ce sera votre dernier projet de collecte qui fera plaisir à vos équipes d’experts et réduira la dette technique de votre DSI.

Speakers : 
Stéphane Estevez : EMEA Product Marketing Director
Pierrick Planchon : Staff Sales Engineer

La trilogie de l’observabilité - Episode 2 : OpenTelemetry un nouvel espoir

Recent Enterprise Strategy Group (ESG) research reports that 90% of organizations are actively automating security operations processes to scale efforts alongside the exponential amount of data, networks, identities, and assets they need to protect.

However, sourcing the right tools—like SOAR—time, software development skills, and process immaturity all seek to stall these efforts. 

In this exclusive Fireside Chat session, experts from Deloitte and Splunk join Jon Oltsik, Distinguished Analyst & Fellow at ESG, to demystify the current state of security operations process automation, fueled by vendor agnostic ESG research, and to navigate these roadblocks. 

Register for the session—planned for October 19th at 1PM EST—to also learn: 
     • What are the key business cases for security operations process automation?
     • How are Splunk and Deloitte addressing common roadblocks in this area?
     • 5 SOAR use cases & benefits

The State of Security Operations Process Automation and SOAR

L’observabilité est le dernier “buzzword » du monde du DevOps, pourtant chaque éditeur et chaque entreprise en a sa propre définition. Le marché est plus confus que jamais. Lors de cette session nous aborderons les idées reçues, les pièges techniques à éviter et leurs conséquences pour les métiers ; vous serez en mesure de poser les questions qui fâchent, différencier l’observabilité du monitoring, et définir la première étape de votre stratégie d’observabilité grâce à des approches de type OpenTelemetry.

Speakers:
Stéphane Estevez : EMEA Product Marketing Director 
Pierrick Planchon : Staff Sales Engineer

La trilogie de l’observabilité - Episode 1 : Le côté obscur de l’observabilité

According to Enterprise Strategy Group (ESG), only 4% of organizations can deliver real-time data insights to business decision-makers, with another 45% reporting that it takes weeks or longer to provide these insights. Eliminating data silos and embracing modern analytics is essential for developing a resilient supply chain and quickly getting real-time data into the hands of decision-makers.

Join us in this fireside chat featuring supply chain experts from ESG, Accenture and Splunk to learn about:
• 3 common supply chain challenges and how you can overcome them
• Why data insights & analytics are key to creating more resilient supply chains
• How to use Generative AI for data insights

Building a Resilient Supply Chain with Splunk and Accenture

In this session, AWS and Splunk explore the role and importance of data and technology to overcome sustainability challenges and drive change for the future. We look at examples and discuss how businesses have advanced in not only looking at data but actually using data enabled end-to-end visibility to improve internal processes and customer outcomes.

We look at how businesses can utilise the building blocks already in place to continuously drive end-to-end sustainability initiatives, and how businesses could empower their internal teams to amplify change by allowing them to work from data insight.

Learn more about:

- How data could drive decisions and gap analysis in sustainability planning and execution
- The importance of end-to-end visibility in improving customer outcomes 
- How businesses could utilise the building blocks already in place to accelerate their sustainability initiatives
- How to evolve a data enabled approach to drive decision making towards true transformation

Presenters:

- Bryan Click | Editor in Chief | Computer Weekly
- Mark Woods | Chief Technical Advisor EMEA | Splunk
- Hilary Tam | Principal, Sustainability & Innovation | AWS

The Role of Technology and Sustainability and Where to Start

Wanting to accelerate your threat hunting? Learn how Splunk AI can be the catalyst. Join us to learn how to leverage the PEAK threat hunting framework and Splunk AI to find malware dictionary-DGA domains.

We'll introduce the PEAK framework, walk through the hunt step-by-step, and demonstrate how to turn a successful hunt into automated detection.

Tune into this session on-demand to learn how PEAK and Splunk AI can help you:

* Learn the basics of the PEAK threat hunting framework developed by Splunk’s SURGe security research team.
* Understand the power Splunk AI can bring to your threat hunts.
* See how to create automated detections from your successful hunts.

Model Assisted Threat Hunting Powered by PEAK & Splunk AI

Cybersecurity

Security

Cloud Security

Detections

Threats

Cyberthreat

Machine Learning

Analytics

Automation

Artificial Intelligence

Get powerful e-commerce insights to grow your online transaction volume. Connect with thought leaders and colleagues to get the most up-to-date knowledge on the e-commerce strategies and techniques that drive growth.

E-commerce

The marketing community on BrightTALK is made up of thousands of engaged marketing professionals. Find relevant webinars and videos on marketing strategy, branding and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Marketing

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Get powerful insights on how to best serve today's customers. If you want to create a successful customer experience today, you will have to appeal to the need for “alone together” time. Millennials, Gen X, Boomers or Silent Generation all look for shared but individual experiences.

Customer Experience

The sales community on BrightTALK brings together thousands of engaged sales professionals. Learn about careers in IT sales and marketing, sales techniques and selling strategies. Join the discussion by participating in on-demand and live sales webinars and summits with leaders in the sales industry.

Sales

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Model Assisted Threat Hunting Powered by PEAK & Splunk AI

Presented by

About this talk

More from this channel