Enhance Your Threat Prevention, Detection, and Response

Presented by

Wissam Ali-Ahmad, Lead Solutions Architect, Splunk | Roy Arsan, Cloud Solutions Architect, Google

About this talk

In this session, we'll explore Google Cloud security controls and how to export security findings from Cloud Security Command Center and asset changes from Cloud Asset Inventory into Splunk Enterprise or Splunk Cloud for further forensic analysis, incident resolution and compliance monitoring. We’ll show how GCP events, alerts and other data sources fit into the Splunk Enterprise Security SIEM framework, and how to comprehensively investigate a security event. We’ll also demonstrate how to respond to Google Cloud security events from Enterprise Security using Splunk Phantom automated playbooks, and how to set up automation for the high-fidelity security detections provided by Cloud Security Command Center.

Splunk helps make organizations more resilient. Leading organizations use our unified security and observability platform to keep their digital systems secure and reliable. Organizations trust Splunk to prevent security, infrastructure, and application issues from becoming major incidents, absorb shocks from digital disruptions and accelerate digital transformation.