In this episode, we talk .Conf! David and I attended Splunk .conf remotely and sit down to discuss this years presentations and announcements. Unfortunately, after we finished recording, we realized we had gone on for an hour, and decided to chop the episode in two.
Here in the second part, we discussed our favorite talks we saw. Unfortunately there were way too many talks to see all of them, so there are many other worthy talks we don't discuss!
.conf homepage - Hit "Watch" at the top, and select ".conf Online" to watch the talks!
David's Picks:
SEC1163A - Proactive Risk Based Alerting for Insider Threats: Matt Snyder
SEC1643A - Splunk Security Essentials: An Approach to Industry Threat Detection Engineering - Johan Bjerke, Cynthia Li
Matthew's Picks:
SEC1249A - Accenture's Journey to Risk Based Alerting with Splunk Enterprise Security and Beyond: Chip Stearns and Marcus Boyd
SEC1441A - How We Maintain Our Correlations in Splunk Enterprise Security at Thales UK: Gabriel Vasseur
Honorable Mentions:
SEC1162A - Supercharge You Risk Based Alerting Implementation: Teresa Chila
SEC1222A - Security Triage in the Real World. The Rubber Hits the Road: Trevor Ford, Brendan Higgins
SEC1440A - Risk Based Response: Maturing your Security Operations With Risk Awareness and Splunk SOAR: Tom Wise, Hannah Cornford
If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!
In this episode we talk about hiring in Information Security. This discussion was triggered by an article on not hiring losers, so we discuss...
In our continual search for the most useful Information Security Report, chock full of insight and wisdom, we review the Talos Inaugural Year In...
Today we take a look at some tools that provide "Detection Posture Management", which is the fanciest way I found to describe it. These...