Do you feel like many of your colleagues in IT security? No resources / security analysts? Or if you have any, are they busy with everything else, but not analyzing attacks? Do you want to react proactively? Do you want to reduce your response time from 40 minutes to 30 seconds?
Join us for our Phantom4Rookies technical session and discover the power of Security Orchestration, Automation and Response (SOAR). In 4.5 hours, you'll learn how to create a playbook with Splunk Phantom. This example Playbook examines the content of an e-mail, creates a risk rating, and initiates actions such as block the URL, detonate the file attachment and informs the user.
Agenda for Phantom4Rookies:
- Create playbooks
- Perform automated actions (for example, check URL reputation)
- Orchestrating actions on assets (for example, blocking an IP or detonate a file)
- Obtaining Approvals from other Departments within a specific time
- Automated notification of the user
Who should attend?
This compact and intensive workshop is aimed especially at security analysts, IT security officers and SOC employees. The topics covered are of a technical nature.
The workshop starts at 12:00 and will end at around 17:00. There are plenty of breaks and we'll wrap at up 17:00 with beers & pizza! A light lunch will be provided on arrival.
What you bring:
Your laptop with a browser that can access external websites.
What we bring:
- A free Splunk T-shirt
- A fun, educational experience
- Plenty of refreshments!
