it-sa 2019 - Germany on alert at Europe’s leading trade fair for IT security

A record-breaking number of 15.000 visitors make it-sa one of the largest get-togethers of the IT security community in Europe. The large amount of visitors, reveal a trend and need for enhancing cyber security strategies and capabilities across Germany. Many organizations are at a turning point in their cybersecurity journey - starting to establish their own, dedicated security know-how.

The Splunk Team and many partners had been on-site of course! Here are a few of my personal highlights.

Splunk at it-sa 2019

MITRE ATT&CK

The times when only big companies invested in cyber defence capabilities beyond Firewalls and Endpoint Protection is over. Every big or small security team is establishing a detect and response strategy beyond prevention and along the full kill chain.

Dr. Sebastian Schmerl, Cyber Defence Manager at ComputaCenter shared how they are using MITRE ATT&CK for Cyber Defence Maturity Assessments which enables organizations to allow the identification and prioritization of security investments.

Sebastian Schmerl, Computacenter

Each day of the conference, Angelo and me presented on stage, making 15-minute-pitches on MITRE ATT&CK, what it is and how it can be used with Splunk.

Splunk MITRE ATT&CK presentation

Operational Technology (OT) Security - Protecting the Shopfloor

Our partners Airbus and ComputaCenter showcased how they use Splunk to bring their know-how to the production lines within manufacturing plants. Computacenter showcased PDEX to collect PROFINET Data from Siemens Industrial Control Systems as an example.

Airbus showcased a cyber attack against a manufacturing line and how to detect and investigate it early with Splunk before it is too late.

Airbus at it-sa 2019

Managed SIEM & Managed SOC

At Splunk we help organizations build, operate, modernise and mature their Security Operations Center. However, not every organization can afford their own team of security analysts. To allow hybrid operating models or fully outsourced operating models, Splunk was present at many exhibition booths from our partners offering Managed Security Services powered by Splunk Technology.

Our partners at it-sa: magellan netzwerke GmbH, SVA GmbH, NTT Security, SecureLink, NetDescribe, Airbus Cybersecurity, Computacenter and doIT Solutions

Cheers,

Matthias

/en_us/blog/fragments/digital-resilience-pays-off
Style
two-column

Related Articles

SUPERNOVA Redux, with a Generous Portion of Masquerading
Security
10 Minute Read

SUPERNOVA Redux, with a Generous Portion of Masquerading

A review of the Pulse Secure attack where the threat actor connected to the network via a the Pulse Secure virtual private network (VPN), moved laterally to its SolarWinds Orion server, installed the SUPERNOVA malware, and collected credentials, all while masquerading the procdump.exe file and renamed it as splunklogger.exe.
Obey My Logs! AI-Powered Compromised Credential Detection
Security
13 Minute Read

Obey My Logs! AI-Powered Compromised Credential Detection

Splunker Shannon Davis shares a closer look into how to detect compromised credentials with AI-powered PLoB.
Splunk Security Content for Threat Detection & Response: September Recap
Security
2 Minute Read

Splunk Security Content for Threat Detection & Response: September Recap

Splunk's September ESCU update: New security content & analytics for robust threat detection. Covers Cisco ASA, ArcaneDoor, diverse malware, and Office365 Copilot activity.
/en_us/blog/fragments/about-splunk
/en_us/blog/fragments/subscribe-footer