Next-Gen Cyber Security- Is it possible to write rules to detect hidden threats?

There are a ton of sophisticated security solutions in the market; however, cyber-breaches aren’t slowing down. Are these tools in-capable of stopping these attacks? Well, we will let you decide, but the reality is – no combination of end-point and network centric tools can stops these attacks, especially if the attack is instigated by the insider. Additionally, once a system or a user credential is compromised, cyber-criminal’s activities can get camouflaged with a benign user’s activity. A radically different technology is necessary to find these hidden threats. A technology that leverages the power of data science and machine learning, and uses big data foundation. Only if you can baseline a user or an entity’s behavior, can you determine what’s abnormal. Learn how this approach can detect APTs, known, unknown, and hidden threats.

Today’s threat actors will find ways to get into organizations. Attacks can also originate from within via a malicious insider. How are these new problems being addressed? You need a unique approach that builds-off of a behavior baseline, peer-group analytics and leverages machine learning to provide the analytical capabilities required to combat modern day attacks and detect data breaches – cyber or insider.

Splunk UBA, a cybersecurity solution, is essential and completes an organization’s defense-in-depth security architecture. Anurag Gurtu, Director Product Marketing, Splunk Behavior Analytics at Splunk will speak in more detail on the subject.

Learn how Splunk UBA:
• Utilizes advanced analytics and machine learning to detect insider threats and external threat actors
• Builds a behavior baseline to distinguish “normal” vs. “anomalous” behavior and automatically stitches anomalies into various threat classifications – Lateral Movement, CnC Detection, Malware Activity, Suspicious Insider Behavior, Data Exfiltration, etc.
• Maps a threat over a kill chain so an organization can visually understand the intensity of the attack, and help with quickly identifying and scoping compromised entities – accounts, devices, network and applications

Registration: https://splunkevents.webex.com/mw3000/mywebex/default.do?nomenu=true&siteurl=splunkevents&service=6&rnd=0.31961958639363464&main_url=https%3A%2F%2Fsplunkevents.webex.com%2Fec3000%2Feventc...;