Topic: Splunking for Endpoint Security
Summary:
The front line in cybersecurity is the endpoint (and users). In this talk I will be discussing methods often used as attack vectors and how to detect them using Splunk. Learn how to improve your organization’s security posture by Splunking filesystem details, processes, services, hashes, ports, registry settings and more.
Presenter: Randy Trobock
Randy Trobock is a professional services security consultant for Splunk with 6+ years in IT and security fields. He currently holds CISSP, CEH, SSCP certifications, has security consultant experience in several industries including energy/utilities, retail, insurance, education, and finance. He likes to drink expensive scotch and owns many leather bound books.