The answer is in the data…..

 

Speaker

Haider Al-Seaidy - Global Sales Engineer

Abstract

Machine data is one of the most underused and undervalued assets of any organization; yet, contains some of the most important insights across IT and the business. The analytical use cases that can be realised from machine data is endless; IT Operations improvements, preventing system outages, thwarting cyber-attacks, predicting customer churn, detecting fraud etc.

The challenge with leveraging machine data is that it comes in a dizzying array of unpredictable formats, and traditional monitoring and analysis tools weren’t designed for the variety, velocity, volume or variability of this data. This is where Splunk comes in.
During this session, we will talk about machine data, and demonstrate how a security analyst can search through vast amounts of raw machine data and perform analytics to uncover suspicious activity in the network using Splunk.

We will show you how you can detect command and control beaconing to malicious web domains using web proxy data by looking for an internal client host communicating with an external domain host in a persistent pattern. Persistence is the difference between a real user visiting a legitimate domain versus an infected host communicating with a command and control host.

Speaker Bio

Haider has a BSc (Hons) in Computing Informatics from the University of Plymouth. It was here that Haider developed his interest in the use cases for data driven decisions in a business, security and social contexts. Much of Haider's career has been spent in the BI and Data Analytics arena working predominantly with Microsoft, Qlik and Splunk technologies across EMEA.