TECH TALKS

Detecting Remote Code Executions With the Splunk Threat Research Team

Wednesday, May 22, 2024  |  11:00AM–12:00PM PT

Security

Remote code execution (RCE) vulnerabilities pose a significant risk to organizations. If exploited, they allow attackers to easily execute arbitrary code on affected systems without authentication — and open the door to use additional tactics and techniques to cause further harm.

To support defenders against these attacks, the Splunk Threat Research Team regularly creates new out-of-the-box security content for use in Splunk Enterprise Security. Join this Tech Talk to learn more from Michael Haag, Principal Threat Researcher, who will provide:

  • An overview of the latest security content the team has developed to defend against RCEs
  • Best practices for implementing and using this content
  • A walkthrough of the detection engineering process the Splunk Threat Research Team follows to create security content for defending against CVEs

Lorem ipsum dolor sit amet

Time Place Details
10:00am - 10:55am Expo Hall Meet and greet in the lobby outside the Expo Hall before the General Assembly.
11:00am - 11:55am Rm 314 Expert Track: TOP 10 WAYS TO MAKE A DIFFERENCE IN THE INDUSTRY | John Dough, CFO Marketizingly
11:00am - 11:55am Rm 159 Social Track: MODERN NETWORKING | Hosted by: SponsorName

Lorem ipsum dolor sit amet

Pellentesque non magna eget ex lobortis finibus. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Etiam nec arcu non eros hendrerit viverra a vitae libero. Etiam et ultricies nulla. Donec euismod lectus magna, eu dignissim mauris hendrerit vulputate.

Our Speaker


Michael Haag

Michael Haag

Principal Threat Researcher
Splunk

Michael Haag is a Principal Threat Researcher at Splunk. Michael led the development of Atomic Red Team, an open-source testing platform that security teams can use to assess detection coverage. An avid researcher, he is passionate about understanding and evaluating the limits of defensive systems. His background includes security analysis, threat research, and incident handling.

https://www.linkedin.com/in/michaelahaag/

Learn More


Other Events You Might Find Interesting


Community Office Hours
Community Office Hours

Technical Splunk experts answer questions and provide how-to guidance on a different topic every month. View upcoming sessions

Observability Tech Talks
Observability Tech Talks

Find your next best Splunk Observability use case, feature, solution or app. View On-Demand

Security Tech Talks
Security Tech Talks

Tap into best practices on your path to resilience in Security. View On-Demand