Talk Details

How CrowdStrike’s Incident Response team harnesses the power of Splunk to achieve rapid response and remediation times

CrowdStrike will present on how we use Splunk to enhance our response times for detection and other events. The goal of any Incident Response team should be to detect an event in 1 minute or less, to begin triaging the event in 10 minutes, and to prepare a response plan or resolve in 60 minutes.
We will provide examples of how we utilize the benefits of data modeling and accelerated search, tstats, and CIM compliance, as well as custom data sets.

Speakers:

Timothy Briggs
Dustin Frey

Links:

Video PowerPoint Github