Join us for the Splunk Security Week 2023

Join this series of events to learn about the latest innovations and best practices in blue-teaming from security professionals.

A wave of digitization has brought new systems and operating models, new attack techniques, and more compliance mandates than ever before. And security professionals are expected to keep up.

Sound familiar? Then Splunk Cyber Security Week is for you!

Register now for free and join our sessions to learn from the SIEM & SOAR Market Leader.


Day 1: Strategy & Trends Day

  • What is keeping security professionals busy in 2023 and beyond?

Day 2: Solutions Day

  • How to become cyber resilient with a unified data platform.
  • The best technologies to help your understaffed teams deliver.

Day 3: Boss of the SOC

  • Get involved in some hands-on practice with other SOC teams in a blue team capture-the-flag exercise.

Day 4: Innovation Day

  • Deep-dive into Splunk for experienced Splunk Admins and Security Practitioners.

Who Should Attend:

  • Technically minded CISOs
  • IT leaders with a security focus
  • Heads of SOC / Cyber Defence
  • IT Security architects and strategists
  • IT Security professionals

Please add events@splunk.com to your email safe list so you receive all the Zoom links and reminders ahead of the session.

For any questions, please reach out to one of the team at emea-events@splunk.com.



Daily Schedules


Day 1: Strategy & Trends Day
Monday 20 March 2023

Session Details

Time (CET)
Title
11.00 Keynote - Best Practices for Strong Cyber Resilience

Time: 11.00 - 11.25
Length: 25 Minutes
Location: Virtual

Description: Join this session for an overview of the Security Week, and get curious about the latest innovations coming from Splunk.

Speakers:
James Hanlon - Linkedin profile
Matthias Maier - Linkedin profile

11.30 Security Trends 2022 and Predictions for 2023

Time: 11.30 - 11.55
Length: 25 Minutes
Location: Virtual

Description: We cover some of the major themes from 2022 including (Cyber)War in Europe, AI that can write malicious code, and increasing volumes of 0-day exploits. How will these affect security strategies in 2023 and what can we learn from them?

Speaker:
Niklas Blomquist - Linkedin profile

13.00 The EU NIS2 Directive: What Should You Be Doing Now?

Time: 13.00 - 13.25
Length: 25 Minutes
Location: Virtual

Description: At the end of 2022, European Member States formally adopted the revision of the Network and Information Security Directive (NIS2). Join us for a heads-up about the upcoming changes and what they will mean for your cybersecurity operations. This session answers key questions like: What is NIS2? Are you affected by NIS2 and, if so, what are your new obligations? Where can Splunk help you to comply? This session is for security leaders, experts, and compliance professionals.

Speaker:
Clara Lemaire - Linkedin profile

13.30 Cyber Resilience: What Does It Mean, Why Should I Care and What Are Others Doing to Be More Resilient?

Time: 13.30 - 13.55
Length: 25 Minutes
Location: Virtual

Description: Resilience is not a new concept; organisations at all levels have considered it to some degree over the years, spurred on by a combination of regulation in some industries, policy in others, and a recognition that resilience is at worst a market differentiator and at best a must-have. Cyber Resilience, just like Cyber Security, cannot be solved by any single vendor. Instead it requires a mix of technologies, people, and processes all working in harmony.

During this session we’ll explore:
• What Cyber Resilience is, and how it can drive organisational or business wide resilience.
• Why organisations are prioritising efforts in Cyber Resilience, and why some aren’t, yet.
• Cyber Resilience use cases, looking at how organisations are tackling this new priority, how long it’s taken them and what they have achieved.


Speaker:
Shaun Cooney - Linkedin profile

14.00 What You Need To Know For 2023

Time: 14.00 - 14.25
Length: 25 Minutes
Location: Virtual

Description: This session focuses on five actionable takeaways that security professionals can use to prioritise and gain business buy-in in 2023. Centred around five key trends, we’ll discuss what topics security teams need to be briefing their boards on (and what they don’t), including increasing convergence with IT teams, resilience, people challenges, and the latest in SBOMs and ransomware. What does the future look like for SecOps teams in 2023… and beyond? Find out with Kirsty Paine, our security-focused Technical Strategic Advisor.

Speaker:
Kirsty Paine - Linkedin profile

14.30 The State Of AI In Cyber Security

Time: 14.30 - 14.55
Length: 25 Minutes
Location: Virtual

Description: Data Science advancements have plunged entire industries into a new era, and cyber security is at the forefront of those influenced.

The challenge for Security teams is how to best harness these advances – and benefit from them. To do this, they must carefully differentiate between over-promised hocus pocus, and what can truly be operationalised.

Speaker:
Josh Cowling - Linkedin profile

15.00 English - Cyber Security Symphony: How SecOps at Raiffeisen Bank’s Cyber Defense Center Hits the Right Note

Time: 15.00 - 15.45
Length: 45 Minutes
Location: Virtual

Description: Raiffeisen Cyber Defense Center (RCDC) develops detection and prevention mechanisms and is a vital player in the bank's digitalization journey, maintaining consumer confidence for 16 million+ customers across 13 CEE countries. The RCDC team is consistently improving security monitoring and response capabilities utilizing Splunk SIEM and Splunk SOAR. Join this session to hear Thomas Heiss, Head of Group Cyber Defense Center, and Henri Muhaxhiri, Head of Security Platform and Data Engineering, discuss:

• The team charter, what the orchestra's structure looks like and how it’s evolved
• Deep dive into composed use cases across security detection, alert prioritization and automation plays
• Key milestones on their SecOps journey
• What the technical architecture and organizational interlock look like

Speakers:
Henri Muhaxhiri, Head of Security Platform and Data Engineering, Raiffeisen Bank International
Thomas Heiss, Head of Group Cyber Defense Center, Raiffeisen Bank International
Matthias Maier - Linkedin profile

15.00 German - Cyber Security Symphony: How the Cyber Defense Center of Raiffeisen Bank International Hits the Right Note

Time: 15.00 - 15.45
Length: 45 Minutes
Location: Virtual

Description: The Raiffeisen Cyber Defense Center (RCDC) develops detection and prevention mechanisms. The RCDC is thus an important building block of digitalization, tasked with ensuring the trust of the bank's 16 million customers in 13 Central and Eastern European countries in its digital services.

Using Splunk SIEM and Splunk SOAR, the Cyber Defense team delivers continuously improved security monitoring and optimized response capabilities.

Join this session and learn more about best practices in SOC operations from Thomas Heiss (Head of Group Cyber Defense Center) and Henri Muhaxhiri (Head of Security Platform and Data Engineering):

• Team setup, orchestra structure and evolution
• Insights into security use cases: creating new detections, alert prioritization, optimization through automation and more
• Key milestones on the SecOps journey
• Details of the technical architecture and organizational integration

Speakers:
Henri Muhaxhiri, Head of Security Platform and Data Engineering, Raiffeisen Bank International
Thomas Heiss, Head of Group Cyber Defense Center, Raiffeisen Bank International
Matthias Maier - Linkedin profile

Day 2: Solutions Day
Tuesday 21 March 2023

Session Details

Time (CET)
Title
10.00 Splunk Security Overview

Time: 10.00 - 10.25
Length: 25 Minutes
Location: Virtual

Description: Join this overview session to understand more about Splunk's security abilities. What capabilities does Splunk have to offer in the security space? How do they all work together to strengthen your security posture? Why should you care?

Speaker:
Simon Pettersson - Linkedin profile

10.30 Demo: How to Select Your First Detection Rules

Time: 10.30 - 10.55
Length: 25 Minutes
Location: Virtual

Description: Which detection rules should you enable first? Which techniques are popular among the bad guys? After all, the first blow is half the battle.

Speaker:
Ronald Beiboer - Linkedin profile

11.00 Demo: Build Security Detection in 20 Minutes

Time: 11.00 - 11.25
Length: 25 Minutes
Location: Virtual

Description: Learn how you can go from raw data to powerful detections and customised dashboards in just 20 minutes.

Speaker:
Simon Pettersson - Linkedin profile

11.30 Alert Prioritization and Operationalization With Splunk SIEM

Time: 11.30 - 11.55
Length: 25 Minutes
Location: Virtual

Description: Learn how Risk Based Alerting in Splunk Enterprise Security alerts your analysts to potential threats to your organization - without flooding them with hundreds of false positives per day.

Speaker:
Mikael Bjerkeland - Linkedin profile

13.00 Building Resilience With OT Security

Time: 13.00 - 13.25
Length: 25 Minutes
Location: Virtual

Description: Industrial organizations expect increasing cyberattacks on connected devices, especially legacy control systems. Learn how to build resilience by increasing your security posture – especially in OT environments and via a central IT/OT SOC.

Speaker:
Ewald Munz - Linkedin profile

13.30 Automating Security Procedures With Splunk SOAR

Time: 13.30 - 13.55
Length: 25 Minutes
Location: Virtual

Description: Learn how Splunk SOAR can assist your Security Analysts by automating trivial tasks and by ensuring that every incident follows your organisation's Response Plan for that type of incident.

Speaker:
Morten Bonde - Linkedin profile

14.00 Detect and Respond in Microservice Environments With Splunk

Time: 14.00 - 14.25
Length: 25 Minutes
Location: Virtual

Description: Learn how Splunk can be used for security monitoring in environments that use Kubernetes container orchestration technology, and come away with a better understanding of how to use Kubernetes-focused log data in Splunk for security-relevant events and incidents.

Speaker:
Robin Crohns - Linkedin profile

14.30 Demo: Detection as Code With Splunk Security

Time: 14.30 - 14.55
Length: 25 Minutes
Location: Virtual

Description: Hear from Splunk's Security Research team on their best practices, and learn to work in groups in an agile way to develop, test, and deploy high quality security detections.

Speaker:
Patrick Bareiss - Linkedin profile

Day 3: EMEA Boss of the SOC
Wednesday 22 March 2023

Session Details

Time (CET)
Title
11.30 EMEA Boss of the SOC

Time: 11:30 - 17:30
Length: 6 Hours
Location: In-Person & Virtual

Description: Running virtually and in an EMEA city near you, join our capture-the-flag Boss of the SOC competition and test your ability against other security teams!

Day 4: Innovation Day
Thursday 23 March 2023

Session Details

Time (CET)
Title
10.00 SPL Techniques Deep Dive: Re-Usable Tips and Tricks to Master Security Detections

Time: 10.00 - 10.25
Length: 25 Minutes
Location: Virtual

Description: SPL – Splunk Search Language – is the key to unlocking the most value within Splunk. This session will go into the flexibility and power of SPL to show how you can detect attackers before they complete their attack, by filtering needles from haystacks. And to demonstrate SPL's awesome power even further, we will show you how to use Splunk to solve Wordle.

Speaker:
Floris Ladan - Linkedin profile

10.30 DevSecOps With Splunk (And How to Not Get Stuck in Dev-Ops-Sec)

Time: 10.30 - 10.55
Length: 25 Minutes
Location: Virtual

Description: DevSecOps can be a beast, and SOC teams will struggle if traditional SOC approaches are applied. In this session, we will share how to prepare to get it right, and avoid the frustration from the security and the DevOps side.

Speakers:
Matthias Maier - Linkedin profile
Stephane Estevez - Linkedin profile

11.00 Intro To The Splunk App For Data Science And Deep Learning

Time: 11.00 - 11.25
Length: 25 Minutes
Location: Virtual

Description: The Splunk App for Data Science and Deep Learning (DSDL), formerly known as the Deep Learning Toolkit (DLTK), lets you integrate advanced custom machine learning and deep learning systems with the Splunk platform. The app enables security analysts and data scientists to create advanced and highly specialised detections, or use open data science methods for threat hunting with Jupyter notebooks and any open source Python libraries. DSDL allows users to seamlessly integrate with the Splunk platform to operationalize those custom security analytics. Join this session for an intro to DSDL, and also learn about examples, including the recent DSDL-powered detection in Enterprise Security.

Speaker:
Philipp Drieger - Linkedin profile

11.30 What If You Have Multiple Splunk Platforms? (Hybrid, Multi-cloud, MSSP, ...)

Time: 11.30 - 11.55
Length: 25 Minutes
Location: Virtual

Description: Federated search is a fairly new feature of Splunk – so how does it work, where can it help, and where not?

Speaker:
Sven Vande Cappelle - Linkedin profile

13.00 OCSF From Vision to Implementation

Time: 13.00 - 13.25
Length: 25 Minutes
Location: Virtual

Description: The Open Cybersecurity Schema Framework (OCSF) project was announced at Black Hat in August. This session will share more details on an initial implementation with Splunk and the AWS Security Datalake.

Speaker:
Dominique Dessy - Linkedin profile

13.30 Risk Based Alerting: Best Practices

Time: 13.30 - 13.55
Length: 25 Minutes
Location: Virtual

Description: Where do you start with RBA? What are the best practices in implementing a risk-based approach? What can we learn from other customers, as well as from the wider community?

Speaker:
Martijn Belgraver - Linkedin profile

14.00 Recap Of The Week

Time: 14.00 - 14.25
Length: 25 Minutes
Location: Virtual

Description: We will have a small recap of the week and announce the BOTS winner.

Speaker:
Niklas Blomquist - Linkedin profile