Despite years of SOCs centralizing their network security data in Splunk, many organizations still struggle to operationalize that data in a way that allows them to keep up with their alert queues, let alone do anything proactive to detect adversaries moving within their networks. Find out why many of Splunk's security experts enjoy working with Corelight data for network monitoring.
This video overview highlights how:
- Integrating Corelight and Splunk creates a comprehensive single source for network evidence and visibility
- This integration allows SOCs to easily operationalize Corelight’s correlated evidence within Splunk
- Corelight + Splunk can help SOCs uncover past attacks, thwart ones that haven’t happened yet, and much more
SPEAKER:
Alex Kirk
Global Principal, Suricata
Alex is a veteran open source security evangelist with a deep engineering background. In 10 years with Sourcefire Research (VRT), he wrote the team’s first malware sandbox and established its global customer intelligence sharing program. He has spoken at conferences across the globe and was a contributing author for “Practical Intrusion Analysis”, and oft-used textbook for university courses on IDS. His security engineering background also includes time at Cisco and Tenable.
