Visibility | Don’t Wait for the Breach: Perfecting Your Splunk Alerts
Watch this talk, which took place during the Cybersécurité 20/20 virtual event on November 24 and 25, 2020.
Talk description (presented in English):
A Splunk deployment can collect up to 1M alerts a day from various security tools, ranging from the trivial to the disastrous. And it’s not just individual alerts that matter: it’s the ability to combine multiple alerts from multiple security tools, in a particular sequence and within a particular time frame, and to recognize that pattern as a security event, which then generates the relevant alert in Splunk. SecOps teams spend a lot of time trying to write rules for Splunk alerts that fire when these conditions occur, but those rules are nearly impossible to test. In fact, most security teams only see what security events really look like in the rear-view mirror. With Threat Simulator, they can evaluate not only the effectiveness of their WAFs, firewalls, IDSs and more, but also their ability to correctly classify and respond to security events on their network.
ANDREW YOUNG, Security Solutions Architect - KEYSIGHT TECHNOLOGIES