Security experts, Jose Hernandez and Michael Haag, will present in detail the Log4J vulnerabiity. They will take us through a demo of how an exploit might occur and how Splunk can spot it in action. There will be plenty of time for discussion so please bring your questions!
Jose Hernandez is the leader of the Threat Research team at Splunk. He started his professional career at Prolexic Technologies (now Akamai), fighting DDOS attacks from "anonymous" and "lulzsec" against Fortune 100 companies. As an engineering co-founder of Zenedge Inc. (acquired by Oracle Inc.), Jose helped build technologies to fight bots and web-application attacks. While working at Splunk as a Security Architect, he built and released an auto-mitigation framework that has been used to automatically fight attacks in large organizations. He has also built security operation centers and run a public threat-intelligence service. Although security information has been the focus of his career, José has found that his true passion is in solving problems and creating solutions. As an example, he built an underwater remote-control vehicle called the SensorSub, which was used to test and measure toxicity in Miami's waterways.
Michael Haag is Senior Threat Research at Splunk. Michael led the development of Atomic Red Team, an open-source testing platform that security teams can use to assess detection coverage. An avid researcher, he is passionate about understanding and evaluating the limits of defensive systems. His background includes security analysis, threat research, red teaming, and incident response.