Analytics-Driven Security

The Splunk platform uses analytics-driven security to address a wide range of use cases including advanced threat detection, insider threat detection, incident/breach investigation and response, ransomware prevention, fraud detection, SOC operations, compliance reporting, security orchestration and automation, and more.

Join our security experts in Splunk booth #N3421 to learn how Splunk:

  • Improves your security posture by providing a range of analytics-driven solutions to help defend against modern attacks
  • Enables faster investigation, breach analysis, incident response and threat hunting
  • Improves detection accuracy and investigation effectiveness by operationalizing a wide array of threat intelligence feeds
  • Provides a rich set of security solutions for integrated CLM, SIEM and UEBA
  • Uses packaged and pre-built machine learning capabilities as well as hundreds of third-party and community-provided applications

Get Started

  • Free Expo Hall Pass: Get Your Free Expo Hall Pass - Use Code: XS7SPLUNK
  • Technical Brief: Using Splunk Software as a SIEM
  • Demo: Security Investigation
  • Free Online Sandbox: Try Now

Session Information

Automated Prevention of Ransomware with Machine Learning and GPOs

Abstract: This talk highlights a signature-less method to detect malicious behavior before the delivery of the ransomware payload can infect the machine. The machine-learning-driven detection method is coupled with the automated generation of a Group Policy Object, and in this way we demonstrate an automated way to take action and create a policy based on observed IOCs detected in a 0-day exploit pattern.

Time & Location:
Tuesday, February 14th
3:45-4:30pm
Moscone North 131
Speakers:
Rod Soto, Principal Security Researcher, Splunk
Joseph Zadeh, Sr. Data Scientist, Splunk

Theater Schedule


| Monday 2/13 | Session Title | Presenter |
|---|---|---|
| 5:00 PM - 7:00 PM | Happy Hour | |

| Tuesday 2/14 | Session Title | Presenter |
|---|---|---|
| 10:30 AM - 10:50 AM | Splunk for Security | Joe Goldberg |
| 11:30 AM - 11:50 AM | Replace Your Legacy SIEM Using Splunk Security Analytics Solution | Girish Bhat |
| 1:30 PM - 1:50 PM | Valentine’s Day SOCs Advice: Good SOCs Requires Good Intelligence | Brian Vosburgh and Kristin Sargent |
| 2:30 PM - 2:50 PM | (How) Palo Alto Networks, Proofpoint, Splunk and Symantec Find Threats Even Faster with Adaptive Response | 3 Partners |
| 3:30 PM - 3:50 PM | Solve Advanced Use-Cases Using A Behavior Centric Product - Splunk UBA | Anurag Gurtu |
| 4:30 PM - 4:50 PM | Adaptive Security Architectures and Framework | Kyle Champlin |
| 5:30 PM - 5:50 PM | Splunk for Anti-Fraud Detection and Automated Regulatory Compliance | Joe Goldberg |

| Wednesday 2/15 | Session Title | Presenter |
|---|---|---|
| 10:30 AM - 10:50 AM | Splunk for Security | Joe Goldberg |
| 11:30 AM - 11:50 PM | How to Build An Analytics-Driven SOC Using Splunk | Girish Bhat |
| 12:30 AM - 12:50 PM | Palo Alto Networks and Splunk Team Together to Prevent Attacks and Protect Your Data | Brian Torres-Gil |
| 1:30 PM - 1:50 PM | Valentine’s Day SOCs Advice: Good SOCs Requires Good Intelligence | Brian Vosburgh and Kristin Sargent |
| 2:30 PM - 2:50 PM | Strengthening Cybersecurity with NIST Standards-Based Solutions | Harry Perper |
| 3:30 PM - 3:50 PM | Haiyan Song, Q&A: Splunk Security Vision | Haiyan Song |
| 4:30 PM - 4:50 PM | Use Splunk and Symantec to Detect and Respond to Advanced Threats | Colin Gibbens |
| 5:30 PM - 5:50 PM | Adaptive Response Using Proofpoint Emerging Threats | Alok Ojha |

| Thursday 2/16 | Session Title | Presenter |
|---|---|---|
| 10:30 AM - 10:50 AM | Splunk for Security | Joe Goldberg |
| 11:30 AM - 11:50 AM | Developing An Insider Threat Hub with Splunk | Ken Westin |
| 12:30 PM - 12:50 PM | Gain In-Depth Device Visibility & Automate Incident Response with Splunk and ForeScout | Amy De Salvatore |
| 1:30 PM - 1:50 PM | The Economics of Attacks and Defense | Rene Aguero |