Enhance Your Threat Prevention, Detection, and Response

Presented by

Wissam Ali-Ahmad, Lead Solutions Architect, Splunk | Roy Arsan, Cloud Solutions Architect, Google

About this talk

In this session, we'll explore Google Cloud security controls and how to export security findings from Cloud Security Command Center and asset changes from Cloud Asset Inventory into Splunk Enterprise or Splunk Cloud for further forensic analysis, incident resolution and compliance monitoring. We'll show how GCP events, alerts and other data sources fit into the Splunk Enterprise Security SIEM framework, and how to comprehensively investigate a security event. We'll also demonstrate how to respond to Google Cloud security events from Enterprise Security using Splunk Phantom automated playbooks, and how to set up automation for the high-fidelity security detections provided by Cloud Security Command Center.

Splunk is the world’s first Data-to-Everything Platform. Now organizations no longer need to worry about where their data is coming from, and they are free to focus on the business outcomes that data can deliver. Innovators in IT, Security, IoT and business operations can now get a complete view of their business in real time, turn data into business outcomes, and embrace technologies that prepare them for a data-driven future.