The SOC is overwhelmed. Analysts are drowning in security alerts and operations work is rife with monotonous, repetitive tasks. There is a talent shortage of qualified security professionals to staff SOCs and to top it all off, mean time to detect, triage, and respond to threats is still too slow.
Sound familiar? Stop being overwhelmed. Get in control.
Attend our event to learn how you can empower your SOC with security orchestration, automation and response capabilities to help you:
Abstract: The SOC is overwhelmed. Analysts are drowning in security alerts and operations work is rife with monotonous, repetitive tasks. There is a talent shortage of qualified security professionals to staff SOCs and to top it all off, mean time to detect, triage, and respond to threats is still too slow. Sound familiar? Stop being overwhelmed. In this session, we’ll teach you how Splunk SOAR allows you to work smarter, respond faster, and strengthen your defenses in both on-prem and cloud environments!
• New visual playbook editor
• Splunkbase apps (tentative)
• Overview video
• In-platform app editor: troubleshooting, editing, adding to apps
Abstract: Phishing is one of the world's most effective attack vectors practiced by criminals to help assess a target organization’s security posture. In this session, see how Splunk SOAR and TruSTAR work together to simplify your phishing response, and protect you from these criminals. TruSTAR works to enrich SOC workflows with normalized threat intelligence from third-party sources. Splunk SOAR provides context, validation, and automated response using integrations like Recorded Future and Zscaler. Turn your data into action.
Abstract: Case management ensures that threats are proactively identified, prioritized, and rapidly investigated. This functionality is built into Splunk SOAR, and allows you to codify your standard operating procedures into reusable templates. In this session, we’ll show you how Uber uses Splunk SOAR case management functionality to create custom lists and design playbooks, reducing time spent to engage, mitigate and resolve threats.
Abstract: As organizations rapidly grow their footprints in the cloud, it becomes increasingly important to regularly review the accounts and permissions that are being configured across a wide variety of cloud resources. Preventing misuse of privileged accounts is extremely important for defending against all malicious intrusions and data exfiltration. Phil Royer, our distinguished Splunk SOAR researcher, will walk you through how to monitor and protect your cloud accounts across GCP, Azure, and AWS with pre-built playbooks that you can leverage today.
Abstract: Are your security analysts spending hours manually managing vulnerabilities? A strong vulnerability management program is essential to adequately secure a corporation, but doing this effectively can require exhaustive manual resources and valuable time your analysts could be using towards developing sophisticated security solutions. Splunk’s Threat and Vulnerability Management team has built an automated vulnerability management solution using Splunk Cloud and Splunk SOAR. We'll show you how to get your security analysts away from manual tracking so they can focus on resolving vulnerabilities before the bad guys break in.
Director, Product Marketing - Security, Splunk
Principal Product Manager, Splunk
Senior Product Manager TruSTAR, Splunk
Security Solutions Architect, Splunk
Security Community Manager, Splunk
Sr. Security Technologist, Uber
Splunk Research Engineer, Splunk
Sr. Threat & Vulnerability Analyst, Splunk
Sr. Security Engineer, Splunk