The Best of .conf20: Security Sessions

By Splunk

This year, more than 29,000 people from all over the world came, saw and .confed for Splunk’s first all-virtual .conf extravaganza. But with 200+ sessions to choose from — including more than three dozen in the security track alone — there’s enough learning to stay busy for a while yet. To help you prioritize, we’ve rounded up the top security sessions, all available for easy online viewing so you can keep up with the latest tools to address alert fatigue, anomaly detection and more.

SEC1391C - Full Speed Ahead with Risk-Based Alerting (RBA)
Take a Vulcan-level approach to the business of SOC with risk-based alerting (RBA). In this session, learn about the recent evolution of RBA and how the concept of a Threat Object has been integrated alongside Risk Object. You’ll also get to delve into new Splunk Enterprise Security (ES) additions, and how ES can empower your team. Spock would be proud.
Anomaly Detection and Insider Threat Hunting with Splunk UBA
Learn how machine learning can help your security team with some of the heavy lifting via Splunk User Behavior Analytics (UBA). In this session, viewers see how UBA can help track a threat and an anomaly through an entire environment using real data from a Boss of the SOC scenario. Info on further learning resources to round out the tutorial are available during the presentation, too.
How to Unify your Security Tools with Splunk Mission Control
The countdown is on to say goodbye to “swivel chair” security. This session is for folks looking to integrate their entire security infrastructure so they can not only analyze and respond to threats faster but also make security decisions more efficiently. Prepare for blast-off as you learn how Splunk Mission Control allows you the flexibility to integrate your own security tools with a robust set of framework plug-ins and unify your security defenses in a common work surface. It’ll be all systems go in no time.

Bring data to every security challenge with these resources from .conf20.

----------------------------------------------------
Thanks!
Eric Schou

#splunkconf17 Preview: Splunk for DevOps? Absolutely!

Come to the great DevOps sessions at .conf2017 in Washington, D.C. You won't want to miss them.

.conf & .conf Go 2 Min Read

Ingest Actions: Data Access When, Where and How You Need It

Announcing Ingest Actions, one of the most powerful changes to the Splunk platform that sets up users for more intelligent investigation and decisive, effective action.

.conf & .conf Go 2 Min Read

Boss of the NOC at .conf20

You’ve registered for .conf20, now it’s time for you and your team to prepare for one of the three virtual Boss of the NOC sessions that will be held over a 24-hour window prior to .conf20 keynote kickoff!

About Splunk

The world’s leading organizations rely on Splunk, a Cisco company, to continuously strengthen digital resilience with our unified security and observability platform, powered by industry-leading AI.

Our customers trust Splunk’s award-winning security and observability solutions to secure and improve the reliability of their complex digital environments, at any scale.

Learn more about Splunk

The Best of .conf20: Security Sessions

Related Articles

#splunkconf17 Preview: Splunk for DevOps? Absolutely!

Ingest Actions: Data Access When, Where and How You Need It

Boss of the NOC at .conf20

About Splunk

Subscribe to our blog

Connect with Splunk on X

Connect with Splunk on Instagram