Splunk at Black Hat

August 3–8, 2019
Mandalay Bay – Las Vegas
Booth #1022

Is your SOC stuck in the past? Modernize it with Splunk!

Join Splunk at Black Hat — one of the world’s leading information security events, providing 19,000+ attendees with the very latest in research, development and trends.

Don’t let your SOC be stuck in the past. Modernize your security operations with Splunk for Security. Splunk uniquely combines security analytics, machine learning and automation technologies — forming the Splunk Security Operations Suite — to turn your data into real-time insights and actions. The Splunk Security Operations Suite includes market leading SIEM, UEBA and SOAR solutions — all augmented with actionable use case content, a highly scalable data platform and the largest security partner ecosystem.

Join our security experts in Splunk booth #1022 to learn how the Splunk Security Operations Suite can:

  • Streamline and scale your security operations with advanced analytics.
  • Force multiply your security resources through automation and orchestration.
  • Spot fraudsters, malicious insiders and pesky APTs with machine-learning based detection.
  • Avoid hefty fines by staying on top of your compliance requirements.
  • Leverage integrations via Splunk’s security partner ecosystem to decrease mean time to detect and respond to threats.
  • Learn tactics, techniques and best practices with continuous content updates and community resources to stay ahead of the latest vulnerabilities and exploits.

Transforming Intel’s Security Posture With Innovations in Data Intelligence

Intel is transforming their approach to security with deployment of a new Cyber Intelligence Platform (CIP) based on leading-edge technologies, including Splunk and Kafka. This new platform ingests data from hundreds of data sources and security tools, providing context-rich visibility and a common work surface, improving the efficiency of the entire Information Security organization and decreasing time to detect and respond to sophisticated threats. In close collaboration with Splunk architects, the team deployed this big data solution in just 5 weeks and immediately started realizing benefits. In this talk, Splunk and Intel will share CIP architecture, insights, and business value.

Jac Noel

Information Security Solutions Architect, Intel IT

Alexa Araneta

Product Marketing Manager

Date and time

Thursday, August 8
11:00 am – 11:50 am


Oceanside F

MITRE ATT&CK: The Play at Home Edition

You've seen the tactics and techniques. You've read the descriptions. However, something is missing… how do you take the theory of MITRE ATT&CK™ and actually DO something with it? At first glance, it is easy to be overwhelmed by the ATT&CK framework. Where do you start? Who should use it? What can you really do with a framework like ATT&CK? Combining the knowledge of an ATT&CK team member with the experience of a security practitioner who has helped implement it, Katie and Ryan will teach you how to take ATT&CK from a cool-sounding idea to a powerful force for creating a threat-informed defense in your company. They will walk the audience through the story of how ATT&CK helped a fictional organization solve real-world-inspired problems that defenders struggle with every day. The presentation will discuss how different teams like threat intelligence analysts, threat hunters, SOC analysts, red teamers and even executives can use ATT&CK to improve how they track threats and protect against them. Regardless of their role, attendees will learn how they can hit the ground running with ATT&CK on the first day they return home.

Katie Nickels

ATT&CK Threat Intelligence Lead, MITRE

Ryan Kovar

Principal Security Strategist, Splunk

Date and time

Wednesday, August 7
2:40 pm - 3:30 pm


South Pacific

Theater Schedule
WEDNESDAY, AUGUST 7, 10:00AM - 7:00PM (12 Sessions)

| Time Slot | Session Title | Presenter | Company |
|---|---|---|---|
| 10:30 am - 10:45 am | Suite Dreams Are Made of This, Part 1: Modernize Your SOC with the Splunk Security Operations Suite | Patriz Regalado | Splunk |
| 11:00 am - 11:15 am | Suite Dreams Are Made of This, Part 2 (Demo): Everybody's Looking for Something | Chris Arrasmith | Splunk |
| 11:30 am - 11:45 am | Transition to a Next-Gen SIEM Platform | Michael Sloan | Accenture |
| 1:00 pm - 1:15 pm | I Can Go For That: Detect Unknown Threats and Anomalous Behavior Using Splunk UBA | Koulick Ghosh | Splunk |
| 1:30 pm - 1:45 pm | Dancing in the Dark: Detecting Cyber Attacks on IoT Infrastructure | Mary Chen & Chris Duffey | Splunk |
| 2:00 pm - 2:15 pm | Pour Some Automation On This: Close Your Skills Gap with Splunk Phantom | Chris Simmons | Splunk |
| 2:30 pm - 3:00 pm | Q&A with Haiyan Song, SVP + GM, Security Markets, Splunk and Oliver Friedrichs, VP + GM, Automation and Orchestration, Splunk | Haiyan Song & Oliver Friedrichs; Moderator: Chris Simmons | Splunk |
| 3:30 pm - 3:45 pm | SOAR to the Cyber Skills Gap Rescue | Lee Peterson | Starbucks |
| 4:00 pm - 4:15 pm | It Takes Two: Automated Security at Machine Speed with the Splunk Adaptive Operations Framework | Don Leatham & Wissam Ali-Ahmad | Splunk |
| 4:30 pm - 4:45 pm | I Want to Break Free (From My SIEM): Replacing a Legacy SIEM with Splunk | Alexa Araneta | Splunk |
| 5:00 pm - 5:15 pm | Sweet SOC O' Mine: Risk-Based Alerting | Jim Apger | Splunk |
| 5:30 pm - 5:45 pm | Maximizing Security Effectiveness with Cisco Firepower and Splunk | Doug Hurd | Cisco |

THURSDAY, AUGUST 8, 10:00AM - 5:00PM (10 sessions)

| Time Slot | Session Title | Presenter | Company |
|---|---|---|---|
| 10:30 am - 10:45 am | How Will I Know: Simulate Attacks with MITRE ATT&CK, Splunk Phantom, and Splunk Enterprise | Kyle Champlin | Splunk |
| 11:00 am - 11:15 am | We're Not Gonna Take It: Find the Fingerprints of Fraud in Your Data | Jade Catalano | Splunk |
| 11:30 am - 11:45 am | Another Threat Bites the Dust: Hunting Insider Threats with Splunk UBA and Splunk Enterprise Security | Tom Smit | Splunk |
| 1:00 pm - 1:15 pm | Symantec SOC View for Splunk: Advanced Security Built on Symantec ICDx and Splunk | Colin Gibbens | Symantec |
| 1:30 pm - 1:45 pm | Mr. Roboto: AI and Cybersecurity | Doug Lhotka | Splunk |
| 2:00 pm - 2:15 pm | Dancing in the Dark: Detecting Cyber Attacks on IoT Infrastructure | Mary Chen & Chris Duffey | Splunk |
| 2:30 pm - 3:00 pm | Q&A with Monzy Merza, VP + Head of Security Research, Splunk and Sourabh Satish, VP + Distinguished Engineer, Splunk | Monzy Merza & Sourabh Satish; Moderator: Doug Lhotka | Splunk |
| 3:30 pm - 3:45 pm | One Thing Leads to Another: Use Splunk Security Content Updates to Empower Your SOC | Jeswanth Manikonda | Splunk |
| 4:00 pm - 4:15 pm | Suite Dreams Are Made of This, Part 1: Modernize Your SOC with the Splunk Security Operations Suite | Alex Spiliotes | Splunk |
| 4:30 pm - 4:45 pm | Suite Dreams Are Made of This, Part 2 (Demo): Everybody's Looking for Something | Elyssa Christensen | Splunk |

Meet Splunk Security Experts at Black Hat 2019!!

Going to Black Hat? Got questions about Splunk? We’ve got answers! Splunk security specialists will be on hand to meet one-on-one at Black Hat. Let us know which topic you’d like to discuss and we’ll make it happen: Security Monitoring, Incident Investigation, Incident Response and Forensics, Advanced Threat Detection, Insider Threat, Compliance, SOC Automation and Orchestration, Fraud Analytics and Detection or OT Security.

Additional Events
VIP Reception with Accenture @ Black Hat 2019


Great food, open bar, music and more

Date and time

Wednesday, August 7
7:00 pm - 10:00 pm


House of Blues in Mandalay Bay
