Name: Splunk Threat Briefing: Newest Observed TTPs in the Wild
Start: 2024-07-30T22:54:00Z
End: 2024-07-30T22:54:33.000Z
Location: BrightTALK
Rating: 5

Splunk is helping to build a safer and more resilient digital world by equipping customers with the unified security and observability platform they need to keep their organization securely up and running — no matter what digital disruptions come their way.

Join Splunk and Orange for a discussion about how AIOps and Observability is changing the game for IT. You can expect to hear all about observability best practices, customer references, and how you can best master IT complexity in your organisation.

Best Practices for Mastering IT Complexity: How AIOps & Observability is Changing the Game for IT

AI, today’s new technology frontier, is in a full frenzy free-for-all. How will you cut through all the hype? At Splunk, we believe it’s a matter of principles. Please join Hao Yang, Cory Minton, and Kirsty Paine to learn How AI Can Catalyze Digital Resilience: An Introduction to Splunk’s Philosophy to learn the latest on our vision and strategy as a company.

- Understand how Splunk is tackling AI today with leading organizations
- Discover how to align AI with enterprise mandates
- Learn how AI will shape the future of security and observability

How AI Can Catalyze Digital Resilience: An Introduction to Splunk’s Philosophy

The traditional approach of piling on narrowly-defined detections into a SIEM isn't working. Security analysts want tangible, actionable alerts with more context and higher fidelity. Splunk Enterprise Security's Risk-Based Alerting (RBA) intelligently aggregates suspicious behavior and delivers those actionable alerts, freeing up valuable time to proactively mature security operations.

In this webinar, you will learn how RBA can help you:

- Reduce low-fidelity, time-consuming alert volume by 50-90%.
- Provide more time for high-value activities in your security organization like threat hunting, adversary simulation and security content development.
- How RBA becomes the foundational approach for success with unique use cases, as well as the perfect dataset for machine learning.

Speaker:
Haylee Mills
Security Strategist
Splunk

Risk Based Alerting (RBA): The Future and Foundation of Next Generation Security

"Hindsight is always 20/20. Let's take a step back and talk through the fundamentals of information security, and pair them with ""things I wish I knew"" for starting with Splunk® Enterprise Security use cases.

In this session, learn how to get the best bang for the buck and rapidly increase your security posture with minimal effort. As you build your program, benefit from lessons learned, and common pitfalls will be discussed.

Join this webinar to learn more about:

- How to build a security program.
- Things to consider when building your program.
- Improving and protecting your security posture with Splunk Enterprise Security.

Speakers:

Marquis Montgomery
Senior Principal
Security Product Management
Splunk

Steven Chamales
Product Manager
Threat Intelligence
Splunk

The Beginner’s Guide to Security Monitoring for Enterprises

Are your security teams drowning in data and overwhelmed with alerts? Are you thinking that there must be a better way, some esoteric or forbidden knowledge, to produce higher-fidelity alerts and keep your team from burning out?

Join the Blue Team Academy for a discussion on the amazing potential that Risk-Based Alerting (RBA) brings to analysis with Splunk® Enterprise Security.

In this webinar, we’ll cover basics and more all from the SOC analyst perspective, such as:

- What you can expect to see when RBA is implemented.
- What are risk objects and risk events.
- How you can encourage your own team to implement RBA.

Speakers: 
Haylee Mills
Staff Security Strategist, Splunk

Megan Parsons
Principal, Global Security Enablement, Splunk

Blue Team Academy: Risk and Risk Notables for Analysts

Digital transformation demands that ITOps evolve. As services become more complex and the data they generate continues to grow exponentially, ITOps teams need to enlist modern management solutions.

Join this session to see how Splunk can help you modernize your IT Operations to predictive AIOps in a crawl, walk, run fashion – regardless of where you are at today. You’ll learn how to quickly integrate your existing monitoring and IT Service Management data into the Splunk platform, and find out how to leverage powerful event correlation and predictive analytics in Splunk IT Service Intelligence to significantly reduce alert noise, accelerate root cause analysis and prevent incidents before they impact your customers.

During this session, we will cover:


How to leverage event correlation to group, prioritize and reduce alert noise
How to easily onboard, integrate, and visualize data from existing sources
Predictive service performance insights, including how issues can get fixed before customers are impacted

PRESENTERS:
Wes Cooper
Director, Product Marketing
Splunk

Kara Gillis
Senior Director, Product Management
Splunk

How to Modernize IT Operations with Splunk ITSI: A Journey to Predictive AIOps

Want to accelerate your ability to predict and prevent incidents before they occur? Learn how Splunk AI can be the catalyst. Join us to learn how to get started using Splunk AI for Predictive Maintenance, Detecting Service Performance Issues, Alert Noise Reduction, and User Experience Monitoring.

We'll introduce the AI impact assessment framework to assess objectives, risk, and execution capacity, demonstrate how to use custom Anomaly Detection with the Splunk Platform and discuss the embedded AI capabilities in Splunk Observability Cloud with a special focus on Splunk ITSI.

Tune into this session to learn how Splunk AI can help you:

-Predict and prevent incidents before they occur
-See how AIOps and Splunk's embedded AI capabilities can reduce alert noise, prevent outages, and enable faster remediation
-Learn how Splunk users are tackling AI use cases today

Presenters: 
Greg Ainslie-Mali
Field CTO & Strategic Advisor - Technology & Innovation
Splunk

Kelsey King
Machine Learning
Product Manager
Splunk

Annette Sheppard
Director
Product Marketing - AIOps
Splunk

Isha Gandhi
Product Manager
Observability for IT
Splunk

Splunk AI for Observability: Accelerate Detection, Investigation and Response

Security continues to command the spotlight in boardroom discussions, and companies are prioritizing cybersecurity like never before. From justifying the return on investment of security measures to preparing for increasingly sophisticated ransomware attacks or harnessing the power of generative AI, it’s clear that cyber risk is business risk.

Join Patrick Coughlin and Audra Streetman for their take on top of mind security topics for 2024, including:

- AI: The double-edged sword
- The [continued] elevated status of the CISO 
-The morphing of cyberwarfare
- Ransomware. Seriously, will we ever stop talking about this?
- Collaboration and integration for resilience

Splunk Security Predictions: What To Expect in 2024

Want to know how CISOs are addressing the latest threats, keeping up with AI and changing the security culture in their organization?

An independent research study of 350+ senior security executives revealed that 90% percent of CISOs have faced a disruptive attack in the last year. And while they’re adapting to stay on top of board expectations and ahead of cyber attackers, they aren’t getting much sleep at night.

Join this webinar for a deep-dive into the top findings from the study including why:

- 70% of security leaders believe AI benefits attackers more than defenders
- 47% of CISOs now report directly to the CEO
- 83% of CISOs paid attackers in the wake of a ransomware attack

The CISO Report: Emerging Trends, Threats and Strategies for Security Leaders

Wanting to accelerate your threat hunting? Learn how Splunk AI can be the catalyst. Join us to learn how to leverage the PEAK threat hunting framework and Splunk AI to find malware dictionary-DGA domains.

We'll introduce the PEAK framework, walk through the hunt step-by-step, and demonstrate how to turn a successful hunt into automated detection.

Tune into this session on-demand to learn how PEAK and Splunk AI can help you:

* Learn the basics of the PEAK threat hunting framework developed by Splunk’s SURGe security research team.
* Understand the power Splunk AI can bring to your threat hunts.
* See how to create automated detections from your successful hunts.

Model Assisted Threat Hunting Powered by PEAK & Splunk AI

Staying ahead of threat actors is becoming increasingly more difficult as the volume of phishing and malware attacks dramatically increases quarter over quarter, phishing campaigns continue to become more sophisticated, and analysts are overwhelmed with daily alerts.

While detection-based products play a critical role in alerting security teams to an attack, analysts need additional visibility and context to fully understand the scope of an incident and respond as quickly as possible.

Join Neal Iyer, Senior Principal Product Manager at Splunk, and Casey Wopat, Principal Product Marketing Manager, for an overview and demo of Splunk Attack Analyzer to learn how automated threat analysis helps security teams:

Take the manual work out of credential phishing and malware threat analysis to efficiently handle large volumes of alerts and save analysts time.

Gain consistent, comprehensive, high-quality threat analysis fully understand the scope of complex attack chains.
Build intelligent automation for end-to-end threat analysis and response by pairing Splunk Attack Analyzer with Splunk SOAR.

Reduce Investigation and Response Time With Automated Threat Analysis

Mit Florian Jörgens, Chief Information Security Officer (CISO) bei Vorwerk, Hochschuldozent, Autor und wissenschaftlicher Mitarbeiter. Außerdem mit dabei: Matthias Maier, EMEA Cyber Security Market Advisor bei Splunk.

Das Unternehmen Vorwerk kennt praktisch jede und jeder. Nicht nur, weil der Wuppertaler Hersteller elektrischer Haushaltsgeräte bereits seit Generationen Staubsauger wie den Kobold, Küchenmaschinen wie den Thermomix und weitere Haushaltshelfer wie das Teegerät Temial in die deutschen Haushalte bringt. Einzigartig ist auch das Vertriebsmodell des 1883 gegründeten Unternehmens, dessen wichtigste Säule bis heute der Direktvertrieb ist. Dabei agiert das Traditionsunternehmen unter anderem mit seinem Rezept-Portal „Cookiedoo“ absolut auf der Höhe der Zeit: Über das Internet kann sich die inzwischen millionenschwere Thermomix-Nutzergemeinde ganz einfach per Klick tausende Rezepte auf die Küchenmaschine laden und gleich ausprobieren.

Für die IT-Sicherheit in der vernetzten Vorwerk-Welt sorgt CISO Florian Jörgens. Er kümmert sich um alle Themen rund um die Informationssicherheit: von der Sicherheitsstrategie über die Implementierung von Prozessen und Technologien bis hin zu Sensibilisierungsmaßnahmen bei den Mitarbeitenden. In unserer neuesten Podcastfolge erklärt Florian, wie er die CISO-Rolle versteht, warum diese so wichtig für die digitale Resilienz von Unternehmen ist und gibt praktische Tipps an seine Fachkollegen.

Folge 4 | Cyber-Resilienz bei Vorwerk: Praktische Tipps für CISOs

Mit Prof. Dr. Dennis-Kenji Kipker, Rechtswissenschaftler und Experte für Innovation, IT-Strategie und Cyber Compliance. Er zählt zu den führenden Köpfen im Bereich Cybersecurity in Deutschland. Dennis forscht an der Schnittstelle von Recht und Technologie in den Bereichen Cybersecurity, Datenschutz und digitale Resilienz im Kontext globaler Krisen. Außerdem mit dabei: Nadja Gronau, Leiterin des Public Sector Teams von Splunk in Deutschland.

Die Digitalisierung hat in den vergangenen Jahren in vielen Branchen von der Automobilindustrie bis zur Medizin revolutionäre Entwicklungen ausgelöst. Allerdings hat auch die „dunkle Seite“ in dieser Zeit nicht geschlafen und digital aufgerüstet. Mithilfe von Deep Fakes und Social Engineering – um nur zwei Beispiele krimineller Täuschungsmanöver über das Web zu nennen – versuchen Cyber-Kriminelle Unternehmen wie auch staatliche Organisationen auszunehmen, zu betrügen, zu erpressen oder ihnen einfach „nur“ zu schaden.

Tradierte Abwehrmechanismen helfen hier längst nicht mehr – aber was kann schützen? Diese Frage steht im Fokus der dritten Folge unserer Podcast-Reihe. Unsere Gäste Prof. Dr. Dennis Kenji-Kipker und Nadja Gronau von Splunk erläutern aus ihrer jeweiligen Position und beruflichen Erfahrung heraus, warum es mehr braucht als adäquate Cyber-Resilienz um sich vor „intelligenten“ Angriffen zu schützen: nämlich Cyber Intelligence. Wir sprechen mit den beiden Experten darüber, was sich hinter dem Begriff genau verbirgt und was erforderlich ist, eine intelligente Abwehr von Cyber-Bedrohungen zu implementieren beziehungsweise an den Start zu bringen. Sowohl Nadja als auch Dennis zeigen anhand zahlreicher Beispiele aus der Praxis die Dos and Don’ts von Cyber Intelligence auf.

Folge 3 | Cyber-Resilienz needs Cyber-Intelligence

Fouad Latrech, Global CTO, revient sur son arrivée chez Decathlon en 2019. Avec une ruée sur le sport pendant le confinement, le pic de trafic en ligne l’a poussé à devoir stabiliser en urgence l’infrastructure des plateformes eCommerce. Une marche forcée vers le digital qui a conduit l’entreprise à repenser durablement la notion de stock, les offres produits, les business models ou l’innovation. Il évoque également d’autres défis à l’international, comme les risques cyber, la compliance, ou encore la gouvernance.

Épisode 3 : Decathlon : une culture agile à l'international

Arrivée chez le géant de la grande distribution en plein confinement, Katia Statuto, RSSI chez Carrefour, nous raconte dans cet épisode l’accélération forcée vers le e-commerce, l’accompagnement à la résilience des consommateurs ou encore les limites de la régulation.

Comment Carrefour a transformé la crise sanitaire en tremplin pour se réinventer

Mit Karsten Mostersteg, ehemals Head of Global IT Service Operation der ISS Facility Services Holding GmbH, wo er den Grundstein für die heutige IT- und Prozesslandschaft legte, unter anderem indem er die Ablösung eines Full-Outsourcings realisierte.

In Folge 2 werfen wir einen Blick auf die Bedeutung des Themas Resilienz für den IT-Betrieb. Karsten hat im Zusammenhang mit zahlreichen M&As, Carve-Outs und Großkundenprojekten bei ISS Deutschland manchmal durchaus leidvoll erfahren, wie wichtig es ist, Störungen bewältigen zu können, um den Betrieb einer IT-Organisation aufrechtzuerhalten. Wir sprechen mit ihm darüber, was operative Resilienz aus Unternehmenssicht bedeutet und gehen der Frage nach, ob und wie sich digitale Resilienz im Unternehmen messen und damit ihre Wirkung belegen lässt. Karsten erklärt außerdem, warum Standards für ihn das A&O eines resilienten IT-Betriebs sind, wieso er ZDF gegenüber RTL den Vorzug gibt (Spoiler: wir sprechen hier nicht übers Fernsehen) und weshalb Resilienz nicht ohne Plan B funktioniert – also Rück- und Fehlschläge schlicht zum Unternehmensalltag gehören. Und er erklärt nicht zuletzt, wie dieser Plan B aussehen und was er enthalten muss.

Folge 2 | Resilienter IT-Betrieb: Was wirklich dazugehört.

Patrick Prosper, RSSI de Groupama, nous parle de son équipe, qui tente de résister à des chocs majeurs comme les cyber-attaques et les fuites de données, de la résilience comme un état d’esprit, d’une gestion de crise réussie, de DORA (mais pas l’exploratrice), et même de Wolverine !

Épisode 1 : Comment Groupama s’assure d’être résilient face aux crises

Ongoing geopolitical conflicts continue to give rise to new variants of malicious payloads and new tactics and techniques have been observed.

To help SOC teams defend against these threats, the Splunk Threat Research Team will showcase the entire exploitation sequence starting from the execution of the latest remote access trojans (RATs) to destructive payloads and post-exploitation techniques.

Join this webinar to learn more about:

- Current geopolitical threats and related campaigns.
- Remote access trojan IOCs and related Splunk detections.
- The latest post-exploitation techniques and related security content to enhance your defenses.
- Best practices for operationalizing the new TTP Detections into your SOC.

Speakers:

Rod Soto
Senior Principal Threat Researcher
Splunk

Teoderick Contreras
Senior Threat Researcher
Splunk

Splunk Threat Briefing: Newest Observed TTPs in the Wild

Cybersecurity

Security

Cloud Security

Cyberthreat

Machine Learning

Analytics

Automation

Get powerful e-commerce insights to grow your online transaction volume. Connect with thought leaders and colleagues to get the most up-to-date knowledge on the e-commerce strategies and techniques that drive growth.

E-commerce

The marketing community on BrightTALK is made up of thousands of engaged marketing professionals. Find relevant webinars and videos on marketing strategy, branding and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Marketing

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Get powerful insights on how to best serve today's customers. If you want to create a successful customer experience today, you will have to appeal to the need for “alone together” time. Millennials, Gen X, Boomers or Silent Generation all look for shared but individual experiences.

Customer Experience

The sales community on BrightTALK brings together thousands of engaged sales professionals. Learn about careers in IT sales and marketing, sales techniques and selling strategies. Join the discussion by participating in on-demand and live sales webinars and summits with leaders in the sales industry.

Sales

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Splunk Threat Briefing: Newest Observed TTPs in the Wild

Presented by

About this talk

More from this channel