Threat Detection Series

Start thinking like an attacker and learn how to make more effective decisions to prevent costly attacks – before your business is interrupted.

It’s key to know how cyber attacks are executed once inside your virtual boundaries. That’s where a comprehensive framework like MITRE ATT&CK comes into play, showcasing real-world methods used by today’s adversaries to help you gain better visibility and level up your defences.

Join this webinar On Demand to learn why traditional defence techniques – focusing on one specific attack tactic only – are no longer a sufficient approach.

In this session you will learn:

The most common cyber attack & security frameworks used by SecOps teams
The key pillars of cyber security every organization should adhere to
What a threat-centric process for building defense capabilities looks like
How to efficiently operationalize the sheer volume of MITRE detections in SecOps
How to evaluate and track MITRE ATT&CK Coverage

Speakers:
Davide Veneziano
Senior Sales Engineer
Splunk

Antonio Forzieri
Cybersecurity Specialist
Splunk

Matthias Maier
Director of Product Marketing
Splunk

Having detection techniques at hand – which you can apply in systematic approaches across different environments – is a ninja skill detection engineers and threat hunters need to have.

In this session, Senior Threat Hunter Doug Brown will provide you with just that. Join Doug as he explores a range of concrete search techniques to measure a variety of behavioural changes, and demonstrates how to map those to MITRE ATT&CK techniques.

Attend this session to learn how to:

Map advanced statistics to MITRE ATT&CK techniques
Detect spikes with median absolute deviation and handle data with seasonality
Identify first-time events in new values seen in a field or combination of fields, including cardinality of distinct fields to measure behaviour change
Detect C2 beaconing through domain parking and lateral movement with RDP for first-time users by applying simple sequencing techniques
Plus, you’ll get bonus examples of highly complex sequencing approaches.

Ciao Rome, Florence, Venice, Milan, Naples and more!

.italo operates an Essential Service by connecting more than 100 million people annually across Italy with its super fast and secure railway. And CISO Enrico Maresca has been on a whirlwind journey of his own.

Formerly a Cyber Security Engineer, Enrico started at .italo as an IT Security Manager. One year later, he was promoted to CISO and tasked with building out – and significantly increasing the maturity level – of the SOC. The result was a huge step forward for .italo.

So how did he successfully achieve this ambitious ask? Join Enrico as he reveals the key insights and lessons learned in his SOC journey, including:

Top challenges faced in improving security posture
Key KPIs implemented in order to measure success
Strategies and approaches applied in the SOC
How MITRE ATT&CK and Splunk Enterprise Security were utilised
Next steps in their maturity journey ahead
Who is this webinar for? This session is designed for security leaders who want to learn best practices in SecOps directly from their peers.