SEMINAR - STAVANGER
Building security operations capabilities for tomorrow
In the ever-evolving threat landscape, organisations are facing several security operations challenges. How can these challenges be addressed, and what are the suggested strategies to overcome them?
During this seminar, mnemonic will provide insights into how we support our incident detection and response workflow by integrating multiple tools, primarily Argus and Splunk. Moreover, Splunk will discuss the two hot topics within security operations, SIEM and SOAR. What are the differences, how do you use them, and do you need them both?
Did you not have the opportunity to attend Splunk.conf this year? Don’t worry! Splunk will also give us an update on what’s new from Splunk Security and .conf 2019.
See you there!
What’s new from Splunk Security and .conf2019?
Splunk.conf is the premier education and thought leadership event for thousands of IT, security and business professionals looking to turn their data into action.
During this presentation, Robin will give you an update on the latest and greatest security releases from Splunk and the ever-growing user conference .conf2019, October 21-24. Last year’s standing ovation was “Dark Mode”! Let’s bring the best from Splunk in Las Vegas this year to Stavanger.
Technical level: 1/5
Incident detection and response with Argus and Splunk
Detecting and responding to security incidents is a daunting task. Anyone who has been involved in this knows that the amount of data and the complexity of our infrastructures make it very hard to separate the relevant information from the noise. One of the secrets to success in this task is to have a well-defined workflow and the right collection of tools to support it.
In his presentation, Tommy will demonstrate how mnemonic uses the integration between multiple tools, primarily Argus and Splunk, to support the incident detection and response workflow. He will show how correlation and enrichment provide valuable input both in determining incidents during detection, and in efficient and timely response.
Technical level: 3/5
SIEM and SOAR as the center for SecOps?
SIEM and SOAR solutions are both hot topics today, and help to aggregate, correlate, build context, and improve the efficiency and quality the SOC delivers when remediating incidents in the organisation.
In this presentation, Robin will cover the differences between SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation and Response) and how to use them effectively, individually or both in parallel, depending on your organisation and maturity. Are both needed, and for what?