In this episode, we talk .Conf! David and I attended Splunk .conf remotely and sit down to discuss this years presentations and announcements. Unfortunately, after we finished recording, we realized we had gone on for an hour, and decided to chop the episode in two.
Here in the second part, we discussed our favorite talks we saw. Unfortunately there were way too many talks to see all of them, so there are many other worthy talks we don't discuss!
.conf homepage - Hit "Watch" at the top, and select ".conf Online" to watch the talks!
David's Picks:
SEC1163A - Proactive Risk Based Alerting for Insider Threats: Matt Snyder
SEC1643A - Splunk Security Essentials: An Approach to Industry Threat Detection Engineering - Johan Bjerke, Cynthia Li
Matthew's Picks:
SEC1249A - Accenture's Journey to Risk Based Alerting with Splunk Enterprise Security and Beyond: Chip Stearns and Marcus Boyd
SEC1441A - How We Maintain Our Correlations in Splunk Enterprise Security at Thales UK: Gabriel Vasseur
Honorable Mentions:
SEC1162A - Supercharge You Risk Based Alerting Implementation: Teresa Chila
SEC1222A - Security Triage in the Real World. The Rubber Hits the Road: Trevor Ford, Brendan Higgins
SEC1440A - Risk Based Response: Maturing your Security Operations With Risk Awareness and Splunk SOAR: Tom Wise, Hannah Cornford
If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!
In this episode, we discussed the Krebs on Security series on the Conti Ransomware chat logs. For an hour. Supporting Article Series - Conti...
In this episode, we discuss conferences. What are they? When should you go? Which ones should you go to? Included is some discussion of...
Malicious OAuth apps are coming for your Exchange admins! Oh noes! Also, Powerpoint gets in the malware delivery game and it turns out that...