Please join us as we bring back our first in-person Splunk Toronto User Group event! Food and beverages will be provided.
About this event
Location: Room 6G @ WeWork Office - 176 Yonge Street, 6th Floor, Toronto, ON
Note: Enter from 401 Bay Street. There will be someone waiting at the door to let you in and direct you to the room.
Agenda:
5:45pm - Doors open, Food & Beverage available
6pm - 6:45pm - Topic 1 - SIEM Infrastructure & Challenges
6:45pm - 7:30pm - Topic 2 - Purple Teaming with Splunk
7:30pm - Close out
This presentation is based on personal experience with multiple customers who face many challenges in building a sound infrastructure to support their SIEM. This includes building the correct architecture, having the right tools in place (e.g. rsyslog, syslog-ng, etc.), and applying correct configurations that minimize the load on the indexers and keep them in optimal condition at all times. The presentation will explain how the above is not just technically sound but also financially beneficial for organizations.
Purple Teaming with Splunk
During this talk, Mahamudul will discuss the benefits of purple teaming and how to automate parts of it. He will also show, through examples, how to use the Splunk Attack Range application for purple teaming, detection development, and enhanced detection engineering.