Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

It’s long since been established that it’s not if a breach will occur in your enterprise, it’s when. Are you prepared for that response? As Dave Kennedy, CEO of TrustedSec once asked a Brrcon audience, “If all you had was Sysmon, could you still do a successful IR?” Best practices are only best if you actually practice them. Along with Robert Wagner, Staff Security Specialist at Splunk, we’ll talk about ways to get your teams to their fighting weight when the bad guys sneak in through the basement.

Splunk SOAR Playbooks - AWS IAM Find and Disable Inactive Users.

Recorded Future is a longtime Splunk integration partner. Recorded Future's integration with Splunk Phantom allows them to empower security operations center (SOC) analysts with automated, real-time threat intelligence to drive smarter, faster security decisions.

Ernst & Young LLP (EY) is a Big Four professional services firm that helps clients solve some of the most pressing business problems. With Splunk Phantom, EY helps enterprises improve security and better manage risk by integrating processes and tools, and ultimately respond more quickly to security threats...

Watch this demo to learn more about key capabilities of Splunk Phantom, including orchestration, automation, playbook development, case management, and collaboration functionality.

This video shows how Aggregation rules work and may provide some ideas on their usage in your own Phantom deployment.

Video coverage of replacing SSL Certificates within Phantom.

As security analysts, Kevin and Jeff know the importance of responding quickly to security incidents. In this episode, Kevin and Jeff compete to see who can achieve the fastest incident response time. Learn more at www.splunk.com/phantom.

Kevin has the “alert fatigue”. He’s overwhelmed by too many security alerts, and he doesn’t have the resources or the time to investigate and respond to all of them. Jeff explains how automation from Splunk Phantom can help. And now, with Phantom on Splunk Mobile, you can automate security operations directly from your mobile phone.

Jeff and Kevin meet up for “SOCtails” to chat about their experiences working in different SOCs (Security Operations Center). Kevin gets a security alert and opens his laptop to resolve it. Jeff shows Kevin a better way with Splunk Phantom.