01. Security OT Splunk EdgeHub & Splunk & Dragos
We cordially invite all interested parties to a workshop where we will share knowledge on increasing OT visibility and effective methods of detecting threats in OT/ICS infrastructure.
DURING THE EVENT:
- We will introduce the latest product within the Splunk platform - Edge Hub. This is an innovative device with embedded sensors, developed by Actineon, specifically configured to integrate with Splunk-based IoT solutions, enabling the collection and streaming of data to the Splunk platform.
- We will discuss ES Splunk, a SIEM that provides end-to-end visibility, accurate threat detection and risk-based alerts (RBA).
- We will present the OT Security add-on, which extends the Splunk platform's capabilities in threat monitoring and incident response, along with threat mapping to known standards such as MITRE ATT&CK for ICS, CIS 20 and others.
- We will also present the Dragos OT add-on, which brings the Dragos feature set to Splunk, increasing the visibility of OT environments and enabling integration with Dragos WorldView to download threat indicators (IOCs).
- We will learn about the Dragos platform, an IDS for OT, helping to increase visibility of assets in OT environments, simplify ICS/OT vulnerability management with enriched vulnerability information, and effectively detect threats targeting OT/ICS. The platform helps SOC teams respond to incidents through its included playbooks - investigative manuals.
- We'll also cover how to increase visibility in the OT SOC by integrating Splunk and Dragos: how to bridge the IT/OT divide by combining cybersecurity data sources in one place, how to detect ICS/OT threats such as Crashoverride (Industroyer) faster and more effectively, and how to simplify threat detection in OT/ICS infrastructure by importing IoCs from Dragos WorldView Threat Intelligence into Splunk.
WORKSHOP DATE AND VENUE:
11.04.2024 | 10:00-15:00
Warsaw, Adgar PW, Al. Jerozolimskie 181
Room: Be. 04