Splunk for Security: Enterprise Security (ES) Hands-On Workshop
How Splunk ES provides organisation-wide visibility and security intelligence.
About the Workshop
Join Somerford's Splunk Security Expert, Ben Marrable to understand Splunk Enterprise Security, where it sits within Splunk's Security offering and how you can leverage it to improve your security detections and incident response.
Splunk Enterprise Security (ES) acts as the central management interface of the security operations centre, giving teams the insight to detect and respond to internal and external attacks quickly, simplifying threat management and minimising risk. ES helps teams gain organisation-wide visibility and security intelligence for continuous monitoring, incident response, and SOC operations, and provides executives with a window into business risk.
✓ An Overview of the Splunk Platform for Security
✓ Introduction to Splunk Enterprise Security and where it fits within the Splunk Eco-System
✓ How to define Security Events and create Correlation Searches
✓ How to conduct an Investigation with ES
✓ How to go Security Hunting with Enterprise Security
✓ Introduction to Risk Based Alerting (RBA)
*Prerequisite to attend the Splunk Enterprise Security Workshop is to be a user of Splunk or have attended one of our ‘Introduction to Splunk/ Splunk Essentials’ workshops.
Before attending our Splunk Enterprise Security Workshop:
In order for us to start promptly and cover all topics on the agenda, please ensure you adhere to the following requirements before arrival:
- A Splunk Enterprise Security virtual instance will be provided upon joining the workshop
- Please Note: Access will be provided for 24 hours.
- Access to an internet-connected device (preferably laptop/desktop) with a working up-to-date OS with an updated web browser (Chrome, Firefox, Safari etc.)
• We want to provide you with the best possible experience during our workshops. That's why we ask that you join us at the start of the session to participate in hands-on labs.
• Please be respectful and attentive during the workshop in order to get the most out of the session. Our workshop hosts are there to guide you through the labs and answer any questions you may have.
• After completing the workshop and hands-on labs, you will be eligible to receive certification for your participation.
• If you did not complete the hands-on labs, we will ask if you would like to join a future workshop to complete the labs and become eligible for certification.
If you have any problems or require support, please email: email@example.com