Analytics-Driven Security

Join our security experts in Splunk booth #C20 at the annual Infosecurity Europe exhibition to learn how Splunk can quickly detect and respond to internal and external attacks, simplify threat management while minimizing risk, and help safeguard your business.

Come See Our Sessions

Using Big Data for Cybersecurity

Attend this session to see a demo and learn how Splunk, a leading Big Data SIEM, is used by thousands of customers for incident investigations/forensics, known and unknown threat detection, fraud detection, security and compliance reporting, and more.

Time & Location:
Tuesday 7th June & Thursday 9th June 2016
14.40-15.05
Technology Showcase Theatre
Speaker:
Joe Goldberg
Security Evangelist, Splunk

Security Workshop: Securing Your Cloudy Assets

A collaborative workshop where discussion will revolve around how security professionals can secure the assets and information that their organization has placed in the cloud. We will focus on creating solutions for problems and trying to find the landmines of the future.
(Pre-registration necessary)

Time & Location:
Wednesday 8th June 2016
10.00-12.00
Speaker:
Ryan Kovar
Staff Security Strategist, Splunk

Live Security Incident Investigation

In this session, walk through the kill chain of a targeted attack and navigate an incident investigation to learn how the attacker worked.

Time & Location:
Wednesday 8th June 2016
14.40-15.05
Technology Showcase Theatre
Speaker:
Matthias Maier
EMEA Security Evangelist, Splunk

Phishing Attacks - Are you Ready to Respond?

Phishing and Spear Phishing attacks are the number one starting point for most large data breaches. But there is currently no efficient prevention technology available to mitigate this risk. Learn what capabilities organizations need to have in order to respond to phishing attacks and lower the risk.

Time & Location:
Thursday 9th June 2016
10.40-11.05
Tech Talk Theatre
Speaker:
Matthias Maier
EMEA Security Evangelist, Splunk

Daily Schedule


Time Presentation
09:50 – 10:10 Splunk 101
10:20 – 10:40 Operationalize Threat Intelligence – Learn How to Accelerate Threat Detection, Investigation & Response
10:50 – 11:10 Cisco
11:20 – 11:40 Detect Insider and Advanced Threats by Leveraging Machine Learning
11:50 – 12:10 Splunk 101
12:20 – 12:40 You’ve Detected a Threat – Learn 5 Things You Should Do Immediately
12:50 – 13:10 Guest Presentation
13:20 – 13:40 Splunk 101
13:50 – 14:10 Using Splunk to Visualize Qualys Vulnerability Data
14:20 – 14:40 Operationalize Threat Intelligence – Learn How to Accelerate Threat Detection, Investigation & Response
14:50 – 15:10 Splunk 101
15:20 – 15:40 Detect Insider and Advanced Threats by Leveraging Machine Learning
15:50 – 16:10 Splunk 101*
16:20 – 16:40 You’ve Detected a Threat – Learn 5 Things You Should Do Immediately*
  *Sessions run Tuesday & Wednesday only

 

Splunk Enterprise Security

Splunk Enterprise Security runs on top of Splunk® Enterprise or Splunk Cloud. Splunk ES can be deployed as software, as a cloud service, in a public or private cloud, or in a hybrid software-cloud deployment.

Improve Security Operations

Decrease incident response times and demonstrate compliance by leveraging a rich set of pre-built dashboards, reports, incident response workflows, analytics, correlations and security indicators.

Improve Security Posture

Optimize security monitoring, prioritization, response, containment and remediation processes by analyzing all machine data to understand the impact of alerts or incidents.

Prioritize Security Events and Investigations

Enhance decision making and align risk posture with the business by applying risk scores to any event, asset, behavior, or user based on their relative importance or value to the business.

Detect Internal and Advanced Threats

Verify privileged access and detect unusual activity by applying user- and asset-based context to all machine data to monitor user and asset activities.

Make More Informed Decisions

Enhance incident investigation, breach investigation, and scoping by leveraging threat feeds from a broad set of sources, including free threat intelligence feeds, third party subscriptions, law enforcement, FS-ISAC Soltra (via STIX/TAXII), internal and shared data.

Operationalize Threat Intelligence

Multiple threat intelligence sources can be aggregated, de-duplicated and assigned weights so a wide range of Indicators of Compromise (IOCs) can be used for all aspects of monitoring, alerting, reporting, investigation and forensic analysis.

Monitor in Real Time

Detect unusual activities associated with advanced threats by leveraging statistical analysis, correlation searches, dynamic thresholds, and anomaly detection.

Optimize Incident Response

Streamline investigations of dynamic, multi-step attacks with the ability to visualize, and therefore more clearly understand, the attack details, as well as the sequential relationship between various events to quickly determine the appropriate next steps.
 
Threat Detection Gets Real: Splunk & PostFinance

“Our use of the Splunk platform has grown dramatically and it is now an integral part of our IT operations, providing insights in areas from e-commerce to security and fraud. Ultimately, with Splunk Enterprise, we have improved the protection we offer our customers.”

- Patrick Hoffman, Head of IT Infrastructure, PostFinance
