Simulate and Detect threat in Splunk - Splunk Mumbai User Group Session

AjitNayak55 57 views 11 slides Aug 09, 2024

About This Presentation

This presentation encompasses a comprehensive exploration of cybersecurity concepts, with a particular emphasis on the Splunk Attack Range. Participants will learn how to utilize this tool to test and simulate various types of attacks, such as brute force attacks, and effectively detect them using S...


Slide Content

Welcome!
Join splunk_Mumbai_usergroup on Slack. Use splunk_Mumbai_usergroup for Q&A during the session.
Slides, recording and feedback form will be posted on the Event Page after the session.
Splunk Corporate Template | TMPLT-FY22-101
MUMBAI SPLUNK USER GROUP

Panelists
Anurag Singh, Senior Splunk Engineer, Avotrix
Vignesh Naidu, CTO, Avotrix
Ajith Nayak, Assoc. Director, Avotrix
Diksha Negi, Assoc. Director, Avotrix

Overview
What is Splunk Attack Range
Configuration
Simulating an attack

Splunk?
Interactive, scalable and innovative.
Customization as per your requirement.
View all workspace data in one place.
Drill down and in-depth knowledge.
Create company-oriented use cases.
Highly customized alerts and reports.

Splunk Attack Range
An open-source project maintained by the Splunk Threat Research Team.
It is a detection development platform.
Easily build a small lab infrastructure to test different attack simulations.
It uses frameworks such as Atomic Red Team and Caldera.
Sends the test data to Splunk.

Before we proceed…
MITRE ATT&CK Framework
Atomic Red Team
Sigma – SIEM Detection Format
uncoder.io

MITRE ATT&CK Framework
ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge): a knowledge base of cyber adversary tactics and techniques.
Techniques: specific actions adversaries use to achieve their goals (200+ techniques).
Sub-techniques: detailed methods to achieve techniques (400+ sub-techniques).
Tactics: represent the adversary's tactical goals (e.g., Initial Access, Execution); 14 different tactics.

Atomic Red Team
It is free, open source and community developed.
It is a library of tests mapped to the MITRE ATT&CK framework.
Provides small, discrete tests (atomic tests) to validate security controls.

Sigma – SIEM Detection Format
3000+ detection rules of different types.
A place where security practitioners collaborate on detection rules.
Shareable knowledge.

Configuration
Easy to install on AWS, Azure and local.
Perform attack simulations with Atomic Red Team or PurpleSharp.
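The brute-force case the session mentions, as an added example (not from the deck or the Attack Range project): the detection logic a Splunk correlation search would apply to the Windows Security events Attack Range ships to the indexer, written in Python so it runs over a few constructed sample events. The key=value event shape, field names (src, user), threshold and window are assumptions for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real Attack Range output) in the key=value
# shape Splunk extracts from Windows Security logs. EventCode 4625 is a
# failed logon, 4624 a successful one. The first source fails five times in
# seconds and then succeeds; the second fails twice, half an hour apart.
SAMPLE_EVENTS = """\
2024-08-09T10:00:01 EventCode=4625 src=10.0.0.5 user=administrator
2024-08-09T10:00:03 EventCode=4625 src=10.0.0.5 user=administrator
2024-08-09T10:00:05 EventCode=4625 src=10.0.0.5 user=backup
2024-08-09T10:00:07 EventCode=4625 src=10.0.0.5 user=svc_sql
2024-08-09T10:00:09 EventCode=4625 src=10.0.0.5 user=administrator
2024-08-09T10:00:11 EventCode=4624 src=10.0.0.5 user=administrator
2024-08-09T10:00:20 EventCode=4625 src=10.0.0.9 user=jdoe
2024-08-09T10:30:00 EventCode=4625 src=10.0.0.9 user=jdoe
"""

def parse_event(line):
    """Split '<timestamp> k=v k=v ...' into a dict with a parsed _time."""
    ts, *fields = line.split()
    ev = dict(f.split("=", 1) for f in fields)
    ev["_time"] = datetime.fromisoformat(ts)
    return ev

def detect_bruteforce(raw, threshold=5, window=timedelta(minutes=5)):
    """Alert on a source with `threshold` or more failed logons inside a
    sliding `window`, and record whether a successful logon followed, which
    is the high-fidelity variant of the alert. Roughly the SPL (assumed):
    index=win EventCode=4625 | bin _time span=5m
      | stats count dc(user) AS users BY src _time | where count>=5"""
    events = sorted((parse_event(l) for l in raw.splitlines() if l.strip()),
                    key=lambda e: e["_time"])
    failures = defaultdict(list)   # src -> [(time, user)] still inside window
    alerts = {}
    for ev in events:
        src, now = ev["src"], ev["_time"]
        if ev["EventCode"] == "4625":
            recent = [(t, u) for t, u in failures[src] if now - t <= window]
            recent.append((now, ev["user"]))
            failures[src] = recent
            if len(recent) >= threshold:
                alerts[src] = {"failed_logons": len(recent),
                               "users": sorted({u for _, u in recent}),
                               "success_after": alerts.get(src, {}).get("success_after", False)}
        elif ev["EventCode"] == "4624" and src in alerts:
            alerts[src]["success_after"] = True   # burst of failures, then success
    return alerts

if __name__ == "__main__":
    for src, alert in detect_bruteforce(SAMPLE_EVENTS).items():
        print(src, alert)
```

The second source never alerts at the default settings because its two failures fall outside the window, which is the same tuning decision (span and threshold) you make in the Splunk search.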

Thank You!