ML in Security: Risky SPL Detection with MLTK

There is no question that the incorrect use of risky commands may lead to a security breach or data loss. Not to mention, there are scenarios where safeguard measures can be bypassed, leaving a vulnerability to malicious users. In this webinar we will walk through how we have combined security and machine learning (ML) expertise to implement some new detections in the Enterprise Security Content Update (ESCU) app.

We will explain the motivation and goals for ML based detection in ESCU, highlighting some of the pros and cons of using pre-trained models and federated learning. Then we will dive into a specific example of how we are using ML to detect risky SPL and how it relates to the Machine Learning Toolkit (MLTK). Finally, we will touch on how this comes together in ESCU and discuss additional resources.

In this session, you will learn:

Why ML based security detections matter
How to use ML based threat detections in ESCU
How the Risky SPL detection works
How to create and deploy ML detections using MLTK

Business Email*

First Name*

Last Name*

Job Title*

Company*

Country*

State or Province

Phone Number*

Post / Zip Code*

Department*

Interest*

Honeypot

DO NOT EDIT

I agree to the Splunk Websites Terms and Conditions of Use.*

I agree to receive marketing communications by email, including educational materials, product and company announcements, and community event information, from Splunk Inc. and its Subsidiaries pursuant to the terms of Splunk’s Privacy Policy. I can unsubscribe at any time.

Our Speakers

Greg Ainslie-Malik

Principal Product Manager at
Splunk, Inc.

Kumar Sharad

Senior Threat Researcher at
Splunk, Inc.

Abhinav Mishra

Principal Applied Scientist at
Splunk, Inc.

Splunk, Splunk>, Turn Data Into Doing, Data-to-Everything, and D2E are trademarks or registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.

Webinar

On Demand