it-sa 2019 - Germany on alert at Europe’s leading trade fair for IT security

Security Matthias Maier

A record-breaking number of 15.000 visitors make it-sa one of the largest get-togethers of the IT security community in Europe. The large amount of visitors, reveal a trend and need for enhancing cyber security strategies and capabilities across Germany. Many organizations are at a turning point in their cybersecurity journey - starting to establish their own, dedicated security know-how.

The Splunk Team and many partners had been on-site of course! Here are a few of my personal highlights.

Splunk at it-sa 2019

MITRE ATT&CK

The times when only big companies invested in cyber defence capabilities beyond Firewalls and Endpoint Protection is over. Every big or small security team is establishing a detect and response strategy beyond prevention and along the full kill chain.

Dr. Sebastian Schmerl, Cyber Defence Manager at ComputaCenter shared how they are using MITRE ATT&CK for Cyber Defence Maturity Assessments which enables organizations to allow the identification and prioritization of security investments.

Sebastian Schmerl, Computacenter

Each day of the conference, Angelo and me presented on stage, making 15-minute-pitches on MITRE ATT&CK, what it is and how it can be used with Splunk.

Splunk MITRE ATT&CK presentation

Operational Technology (OT) Security - Protecting the Shopfloor

Our partners Airbus and ComputaCenter showcased how they use Splunk to bring their know-how to the production lines within manufacturing plants. Computacenter showcased PDEX to collect PROFINET Data from Siemens Industrial Control Systems as an example.

Airbus showcased a cyber attack against a manufacturing line and how to detect and investigate it early with Splunk before it is too late.

Airbus at it-sa 2019

Managed SIEM & Managed SOC

At Splunk we help organizations build, operate, modernise and mature their Security Operations Center. However, not every organization can afford their own team of security analysts. To allow hybrid operating models or fully outsourced operating models, Splunk was present at many exhibition booths from our partners offering Managed Security Services powered by Splunk Technology.

Our partners at it-sa: magellan netzwerke GmbH, SVA GmbH, NTT Security, SecureLink, NetDescribe, Airbus Cybersecurity, Computacenter and doIT Solutions

Cheers,

Matthias

/en_us/blog/fragments/digital-resilience-pays-off
Style
two-column

Related Articles

All the Proxy(Not)Shells
Security
7 Minute Read

All the Proxy(Not)Shells

The Splunk Threat Research Team walks through exploitation of ProxyShell and ProxyNotShell using MetaSploit, and hunts through data in Splunk to showcase different avenues for defenders to identify malicious activity.
Add to Chrome? - Part 1: An Analysis of Chrome Browser Extension Security
Security
4 Minute Read

Add to Chrome? - Part 1: An Analysis of Chrome Browser Extension Security

An overview of SURGe research that analyzed the entire corpus of public browser extensions available on the Google Chrome Web Store.
regreSSHion: Uncovering CVE-2024-6387 in OpenSSH - A Critical Vulnerability
Security
9 Minute Read

regreSSHion: Uncovering CVE-2024-6387 in OpenSSH - A Critical Vulnerability

CVE-2024-6387, aka "regreSSHion", exposes Linux environments to remote unauthenticated code execution. Learn how to handle this CVE here.
/en_us/blog/fragments/about-splunk
/en_us/blog/fragments/subscribe-footer