Enhance your Security Detections with Machine Learning

Presented by

Jose Hernandez | Sr. Manager, Threat Research, Splunk
David Dorsey | Security Research, Splunk

About this talk

Detection engineers consistently come up with excellent rules and heuristics to detect malicious and anomalous behaviors in their environment; a perfect example of this is password spraying. But since we can’t have nice things, there is always software or behavior that violates the base assumption for that detection. This doesn’t invalidate the rule, but it does require that exceptions be built into the rule. Doing this manually is tedious and time-consuming. When a rule consistently gives false positives, it is natural and understandable to just ignore the rule. But that comes at the expense of missing the times when the rule detects something that is malicious. In this talk we will use password spraying as an example use case to showcase how detections can be matured through the use of Machine Learning.

Join our webinar, “Enhance your Security Detections with Machine Learning” and learn:

- How to take a data-driven approach to detection development
- How to mature a detection to detect increasingly sophisticated attackers
- How to use Splunk’s Machine Learning Toolkit to understand behaviors
Splunk helps make organizations more resilient. Leading organizations use our unified security and observability platform to keep their digital systems secure and reliable. Organizations trust Splunk to prevent security, infrastructure, and application issues from becoming major incidents, absorb shocks from digital disruptions and accelerate digital transformation.