Threat Hunting with Deceptive Defense and Splunk Enterprise Security

•

2 gefällt mir•166 views

Threat hunting has been primarily a playground for security experts in surfacing unknown threats. It is a proactive security approach where the hunt starts with a hypothesis about a hidden threat that may be already in the enterprise network. According to 2017 survey on threat hunting by the SANS Institute, nearly 45% of organizations hunt on an ad hoc basis. The ad hoc approach is ineffective and does not yield sufficient results to cover the cost of threat hunting. Considering the scarcity of security analysts, the ad hoc threat hunting becomes a costly and expensive process. Also, threat hunting is typically performed by doing outlier detection of the data. For example, analysts usually do outlier detection to find suspicious processes out of Windows process logs. The outlier detection can be done using simple box plots, control charts, or using more sophisticated unsupervised machine learning techniques. However, the output of all the outlier detection techniques is outliers/anomalies that still need to be audited/investigated by the security analysts. This adds more workload to the already overwhelmed security analyst. The fusion of data science and deceive security provides an opportunity to validate many alerts automatically and therefore provides an automated approach from threat hunting. Deceptive defense system offers a way to confirm an adversary presence with nearly 0% false alarms when the adversary bumps onto one of the deceptions. The modern set of deceptions is the reincarnation of honeypots, honeytokens, honeynets, and honey files that blends well within the network and can dynamically change their configurations. When an adversary access a deception, it raises a positive affirmation of a threat. In this approach, one needs to use alerts and contextual security events along with deceptive security to rank the existing alerts. It takes away a lot of manual verification of various security alerts.

Daten & Analysen

© 2017 SPLUNK INC.© 2017 SPLUNK INC.
Threat Hunting with Deceptive
Defense and Splunk Enterprise
Security
Satnam Singh | Chief Data Scientist
Acalvio Technologies
September 27, 2017 | Washington, DC

© 2017 SPLUNK INC.
▶ Alert triage using threat intelligence
and other data sources
▶ Primarily outlier detection
▶ Too many alerts and Too many false
positives
▶ Typically less than 5% of alerts are
investigated
Threat Hunting

© 2017 SPLUNK INC.
SANS Institute, 2017 Report
“ Nearly 45% of Organisations hunt on
Ad hoc basis”

© 2017 SPLUNK INC.
Deceptive Security
▶ Reincarnation of Honeypots, Honeyfiles, Honeydata and
Honeynet
▶ Multiple forms : Decoys, Breadcrumbs, Lures, Baits
▶ Active Approach —> High Fidelity Alert
▶ “Deploy deceptions on/around hosts with notable events”

© 2017 SPLUNK INC.
▶ Use Splunk ES Notable Events as
Starting and Ending Point
▶ Use Data Science to rank hosts and
notable events for hunting
Splunk Enterprise Security Notables

© 2017 SPLUNK INC.
3. THIN
Based on Deception alert/no
alert recompute notable
ranking
Threat Hunting
1. Threat Hunting
Intelligence Engine (THIN)
- Ranking of Hosts & Notables
- Determine Deception Strategy
Splunk ES -Notables
2. Deception Platform
Deploy Deceptions

© 2017 SPLUNK INC.
Step 1: Ranking of Hosts and Notables

© 2017 SPLUNK INC.
Step 2: Recommend Deceptions
Breadcrumb Details
Host osg-sec-wsus01 (10.11.36.41) has failed login authentication
6 times using 6 usernames against 1 target in the last hour
Excessive Failed Logins Notable

© 2017 SPLUNK INC.
Step 3: Update Ranking using Deception Alerts
Deception Triggered
Updated Ranking based on Deception Alerts

© 2017 SPLUNK INC.
Summary
▶ Need to deal with alert deluge
▶ Need Proactive Approach for
Threat Hunting
▶ Fusion of Data Science and
Deceptive Security provides
an active approach for Threat
Hunting

Weitere ähnliche Inhalte

Was ist angesagt?

Splunk live nyc_2017_sec_buildinganalyticsdrivensoc

Rene Aguero

Using Splunk to Defend Against Advanced Threats - Webinar Slides: November 2017

Splunk

SplunkLive! Zurich 2017 - Splunk Add-ons and Alerts

Splunk

Splunk Discovery Day Milwaukee 9-14-17

Splunk

Analytics Driven SIEM Workshop

Splunk

Understanding your security impact enables you to be faster and smarter about how you approach security threats. Whether you're looking to reduce breaches, set up monitoring to anticipate attacks, build more predictive capabilities or need quality reporting for an audit, you will learn how to leverage Splunk's analytics-driven security platform to analyse your data by using the power of our Search Processing Language (SPL). We'll also present how to implement and up-level your security today with actionable searches that can immediately be put to use in your environment. In this session, you will learn how to: - Optimise and make Splunk search work for you, so you can quickly gain insights into your data to identify and describe security impacts and potential threats - Detect unusual and potentially malicious activity threats using Splunk Enterprise statistical and behavorial analysis capabilities - Find unusual activities (using expected alert volume)

SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...

Splunk

All data is security relevant – whether you are an IT or security professional, it is important to gain context into all your data to understand your environment, quickly hunt for and investigate potential threats in your environment, and take action to remediate. In this session, you will learn how to: - Leverage your data across silos with analytics-driven security - Operationalize all relevant data to gain greater visibility of your environment to make more informed decisions - Optimize incident response to more clearly understand an attack and the sequential relationship between events to quickly determine the appropriate next steps - Improve investigation and remediation times by automating decisions or by using human-assisted decisions with full context from adaptive response - Utilize Splunk User Behavior Analytics and verify privileged access and detect unusual activity by using UBA anomalies

SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...

Splunk

Build a Security Portfolio That Strengthens Your Security Posture

Splunk

Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk

Splunk

SplunkLive! Stockholm 2018 - Customer presentation: Bonnier Books Nova

Splunk

A Day in the Life of a GDPR Breach - September 2017: France

Splunk

Splunk Forum Frankfurt - 15th Nov 2017 - AI Ops

Splunk

A Day in the Life of a GDPR Breach - September 2017: Germany

Splunk

The Hitchhiker's Guide to Service Intelligence Workshop

Splunk

You’re a CIO, CISO or DPO - and you’ve been woken up in the middle of the night because personal data held by your organization has been discovered for sale on the dark web. This disclosure puts the privacy of your customers at risk. What do you do next? Join this session to learn about the impact of GDPR and go through a breach investigation and response scenario as it would be after GDPR comes into effect in May 2018. You’ll hear from Splunk’s Data Privacy Officer Elizabeth Davies and Splunk’s Security Ninja Matthias Maier. What you will learn: - What breach response will look like under the GDPR - What tools and processes a data privacy officer will rely on in case of a breach - What departments and entities will be involved beyond IT - What activities are currently happening within organizations to prepare for the GDPR - What the consequences of the breach could be Watch the webinar: http://explore.splunk.com/GDPR_Webinar_EN

A Day in the Life of a GDPR Breach

Splunk

SplunkLive! London 2017 - Travis Perkins

Splunk

Reactive to Proactive: Intelligent Troubleshooting and Monitoring with Splunk

Splunk

Splunk Forum Frankfurt - 15th Nov 2017 - .conf2017 Update

Splunk

Splunk workshop-Threat Hunting

Splunk

Splunk Discovery Dusseldorf: September 2017 - IT Ops Session

Splunk

Was ist angesagt? (20)

Splunk live nyc_2017_sec_buildinganalyticsdrivensoc

Using Splunk to Defend Against Advanced Threats - Webinar Slides: November 2017

SplunkLive! Zurich 2017 - Splunk Add-ons and Alerts

Splunk Discovery Day Milwaukee 9-14-17

Analytics Driven SIEM Workshop

SplunkLive! London 2017 - An End-To-End Approach: Detect via Behavious and Re...

SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...

Build a Security Portfolio That Strengthens Your Security Posture

Splunk Forum Frankfurt - 15th Nov 2017 - Building SOC with Splunk

SplunkLive! Stockholm 2018 - Customer presentation: Bonnier Books Nova

A Day in the Life of a GDPR Breach - September 2017: France

Splunk Forum Frankfurt - 15th Nov 2017 - AI Ops

A Day in the Life of a GDPR Breach - September 2017: Germany

The Hitchhiker's Guide to Service Intelligence Workshop

A Day in the Life of a GDPR Breach

SplunkLive! London 2017 - Travis Perkins

Reactive to Proactive: Intelligent Troubleshooting and Monitoring with Splunk

Splunk Forum Frankfurt - 15th Nov 2017 - .conf2017 Update

Splunk workshop-Threat Hunting

Splunk Discovery Dusseldorf: September 2017 - IT Ops Session

Ähnlich wie Threat Hunting with Deceptive Defense and Splunk Enterprise Security

Using Machine Learning and Analytics to Hunt for Security Threats - Webinar

Splunk

SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...

Splunk

Splunk Forum Frankfurt - 15th Nov 2017 - Threat Hunting

Splunk

Accelerate incident Response Using Orchestration and Automation

Splunk

Accelerate incident Response Using Orchestration and Automation

Splunk

Partner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOAR

Splunk

SplunkLive! London 2017 - Splunk Overview

Splunk

SplunkLive! Zurich 2018: Use Splunk for Incident Response, Orchestration and ...

Splunk

Daily IT security operations processes have not changed significantly over the past decade, but that all stands to change now that a new technology has arrived—enabling security teams to work smarter, respond faster, and improve their defenses. With Security Orchestration, Automation and Response (SOAR) technology, mundane processes can be handled by computers, allowing the SOC team to focus on identifying and responding to the real threats and attacks. This session examines traditional SOC processes and what becomes possible with a SOAR platform like Splunk Phantom. Whether it's a two-person security operation or a full complement SOC, learn to identify the processes that computers can handle on your behalf, and how to go beyond simple use cases and leverage all of the available security tools in your arsenal to the max.

Accelerate Incident Response with Orchestration & Automation

Splunk

Splunk Incident Response, Orchestrierung und Automation

Splunk

The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018

Splunk

Reporting against any framework is a difficult and time consuming task often utilising multiple staff and burdening multiple teams. Splunk App for Essential 8 reduces the impact by automating reporting and providing one location to measure maturity. If you are spending more time on reporting than implementing the controls for E8, reach out to your local Splunk team or Splunk partner so we can help you get ahead of the challenge.

Essential 8 App for Splunk

Mickey Perre

SplunkLive! Warsaw 2016 - Splunk for Security

Splunk

For two weeks a year, UCAS, the UK’s Universities and Colleges Admissions Service, is seen as a critical national service, during which 700,000 students rely on the service to find and secure university placements. If UCAS fails, students won’t get their places confirmed on time and universities won’t fill the spaces they need to. Personal data flows from the point of student application, through UCAS, to the universities. Protecting this data is paramount. Join this webinar to learn how the UCAS uses Splunk Enterprise Security running on Splunk Cloud to gain real-time end-to-end visibility and reporting across various technology stacks, both on premise and across their AWS environment, and why an analytics-driven approach can enable you to identify anomalies that could indicate potential compromise. Find out how Splunk helps UCAS: · Gain centralised visibility into their Security Operations Center (SOC) · Use incident investigation to prove-negative for breach notification obligation under the Data Protection Act 1988 (soon to be GDPR) · Proactively detect security risks beyond malware

How security analytics helps UCAS protect 700,000 student applications

Splunk

Splunk Discovery Köln - 17-01-2020 - Accelerate Incident Response

Splunk

Simplify service operations and improve reliability of events with machine learning and analytics Your data centre creates a lot of events — from low-level disk warnings to critical network issues and even service-level failures. With so many events and false positives, how do you know which events are important and which ones to ‘throw away’? Your current rules-based tools don’t work they are inflexible, cannot handle event volumes from today’s transient infrastructures and do not provide actionable alerts that help you fix the important problems first. Join this webinar to learn how Splunk IT Service Intelligence employs the power of machine learning to provide actionable human scale alerts with service context in an integrated solution, enabling IT teams to focus on fixing what’s broken quickly and easily. Learn how you can rapidly apply machine learning to: - Catch anomalous behavior to detect events before they become critical incidents - Avoid having to create manual rules and set adapt thresholds dynamically - Automatically correlate data to generate highly qualified information, so you can take fast action - Prioritize and speed up investigation on the most important incidents with service context

Rage WITH the machine, not against it: Machine learning for Event Management

Splunk

Webinar: Neues zur Splunk App for Enterprise Security

Georg Knon

Splunk Financial Services Forums are designed to teach companies like yours that are turning terabytes of machine data – collected daily for high-volume activities like trading, claims processing and multi-channel banking – into valuable insights. These insights help financial services organizations improve security, reduce fraud, achieve regulatory compliance, gain deeper customer insights, obtain end-to-end visibility and much more.

Financial Services Forum_New York, May 17, 2017

Splunk

Splunk Forum Financial Services Chicago 9/13/17

Splunk

If you're just getting started with Splunk, this session will help you understand how to use Splunk software to turn your silos of data into insights that are actionable. In this session, we’ll dive right into a Splunk environment and show you how to use the simple Splunk search interface to quickly find the needle-in-the-haystack or multiple needles in multiple haystacks. We’ll demonstrate how to perform rapid ad-hoc searches to conduct routine investigations across your entire IT infrastructure in one place, whether physical, virtual or in the cloud. We’ll show you how to then convert these searches into real time alerts and dashboards, so you can proactively monitor for problems before they impact your end user. We'll demonstrate how you can use Splunk to connect the dots across heterogeneous systems in your environment for cross-tier, cross-silo visibility. You'll have access to a demo environment. So, don't forget to bring your laptop and follow along for a hands-on experience.

Delivering New Visibility and Analytics for IT Operations

Splunk

Ähnlich wie Threat Hunting with Deceptive Defense and Splunk Enterprise Security (20)

Using Machine Learning and Analytics to Hunt for Security Threats - Webinar

SplunkLive! Munich 2018: Use Splunk for incident Response, Orchestration and ...

Splunk Forum Frankfurt - 15th Nov 2017 - Threat Hunting

Accelerate incident Response Using Orchestration and Automation

Partner Exec Summit 2018 - Frankfurt: Analytics-driven Security und SOAR

SplunkLive! London 2017 - Splunk Overview

SplunkLive! Zurich 2018: Use Splunk for Incident Response, Orchestration and ...

Accelerate Incident Response with Orchestration & Automation

Splunk Incident Response, Orchestrierung und Automation

The Splunk AISecOps Initiative - Splunk Security Roundtable: Zurich 2018

Essential 8 App for Splunk

SplunkLive! Warsaw 2016 - Splunk for Security

How security analytics helps UCAS protect 700,000 student applications

Splunk Discovery Köln - 17-01-2020 - Accelerate Incident Response

Rage WITH the machine, not against it: Machine learning for Event Management

Webinar: Neues zur Splunk App for Enterprise Security

Financial Services Forum_New York, May 17, 2017

Splunk Forum Financial Services Chicago 9/13/17

Delivering New Visibility and Analytics for IT Operations

Mehr von Satnam Singh

InfoSec Deep Learning in Action

Satnam Singh

Probabilistic signals and systems satnam singh

Satnam Singh

A Game between Adversary and AI Scientist

Satnam Singh

Deep Learning Fundamentals Workshop This hands-on workshop will provide an introduction to deep learning to the participants who are already aware of data science and machine learning techniques but have not worked on deep learning. The course will cover the different types of network architectures that make the foundations of deep learning. Following topics will be covered: 1. What is deep learning and what are the use cases of it? 2. Introduction to Feed Forward Neural Networks including the hands-on session 3. Building an Image Classifier using Convolutional Natural Networks 4. Applying Recurrent Neural Network and LSTM Network for text classification 5. How to build your own deep learning projects?

Deep learning fundamentals workshop

Satnam Singh

Deception-triggered security data science is a novel paradigm where we marry deception and security data science together to enhance security incident analysis. We deploy deception sensors (consisting of multiple low and high honeypots) that can emulate at various stages, e.g., network, endpoint, application, data, and servers. Whenever an adversary tripped over these sensors, we initiate an alert and correlate with data from other hosts and users to construct an adversary trajectory graph. The graph enhances the capabilities of security analysts to get better insights about adversary movements and hosts that may also be compromised. This talk is a must for security data researchers, security analysts, and security practitioners. We will share some case studies from our deployments along with a live demo of our Splunk App.

Deception-Triggered Security Data Science to Detect Adversary Movements

Satnam Singh

This talk focuses on how AI can be leveraged to solve some of the subproblems in cybersecurity. The talk will start with a discussion on why there is a surge in data breaches, and cybersecurity attacks? Then I will discuss some of the use cases, data pipeline, and architectural details of AI solutions for the cybersecurity. Here is a detailed plan for the talk: (1) The current state of Information security and tools (5 mins). (2) A brief history and current status of using AI for the InfoSec (5 mins). Currently, security data science tools primarily process raw data from multiple data sources such as network flows, authentication logs, firewall logs, endpoints, and detect anomalous events. These tools generate a large number of false positives, and they need to be further investigated by security analysts. Specifically, I will address the following questions: - What is the foundation of current security data science tools? - What are the pros and cons of existing tools? (3) AI use cases, data pipeline, architecture, and data experiments (15 mins): Following questions will be addressed: - What are the different use cases that can be enabled by AI? - How would it transform the incident response? What's a typical data pipeline and architecture of cybersecurity AI solution? Demo 1: PowerShell Obfuscation Detection using Deep Learning Neural Networks Demo 2: Malicious URL Detection using Recurrent Neural Networks (4) Challenges and limitations of using AI alone for cybersecurity (5 mins) - AI generates too many false positives - Enterprises can investigate only 2-5% of alerts due to the limited number of security analysts Need for an automated response, not just detection (5) Our approach: fuse deception with AI (10 mins): A key objective of the deception is to deceive the inside-network attacks and threats to detect, engage, trap, and remediate them. Deception provides high fidelity alerts, and AI delivers an ability to construct context about the alert. By fusing deception and data science, security analysts can do proactive defense. We shall demonstrate our approach with specific case studies: - Demo 3- Detecting and Inferring threats in a high interaction decoy using AI engine (6) Q&A (5 mins)

AI for CyberSecurity

Satnam Singh

Using Deception to Detect and Profile Hidden Threats

Satnam Singh

HawkEye : A Real-time Anomaly Detection System

Satnam Singh

India software developers conference 2013 Bangalore

Satnam Singh

The Fifth Elephant - 2013 Talk - "Smart Analytics in Smartphones"

Satnam Singh

Big Data Analytics Insights Conference- Satnam

Satnam Singh

Mehr von Satnam Singh (11)

InfoSec Deep Learning in Action

Probabilistic signals and systems satnam singh

A Game between Adversary and AI Scientist

Deep learning fundamentals workshop

Deception-Triggered Security Data Science to Detect Adversary Movements

AI for CyberSecurity

Using Deception to Detect and Profile Hidden Threats

HawkEye : A Real-time Anomaly Detection System

India software developers conference 2013 Bangalore

The Fifth Elephant - 2013 Talk - "Smart Analytics in Smartphones"

Big Data Analytics Insights Conference- Satnam

Kürzlich hochgeladen

Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore Escorts Service Booking Contact Details :- WhatsApp Chat :- +91-7737669865 2-May-2024(SMW) Call Girls In Model Towh Bangalore +91-7737669865 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in Bangalore NCR 24 Hours Available Service Call Girls, Contact Us +91-7737669865 (Any Time. Any Where) Call Girls in Bangalore, Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service Bangalore NCRWelcome To Bangalore Escorts Service – An All Over New Bangalore Very Sexy Hot Call Girls Agency Service Escorts In South BangaloreNCRBangalore’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Bangalore Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort One Shot — 5000/in call (time 1 hour), 6000/out call Two shot with one girl — 8000/in call (time 2 hour), 10000/out call Body to body massage with sex- 8000/in call (time 1 hour) Full night Service for one person– 12000/in call, 13000/out call (shot limit 3-4 shots) Full night Service for more than 1 person — please contact Us —7737669865 We are available 24*7 all days of the year. Call us — 7737669865 Thank you for Visiting.

Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...

amitlee9823

(Vivek)Call Us, 8448380779,Call girls in Delhi NCr – We Offer best in class call girls. escort Service At Affordable Price At low Rate with Space Night 8000 We Are One Of The Oldest Escort and Call girls Agencies in Delhi. You Will Find That Our Female Escorts Are Full Of Fun, Sexy And They Would Love Enjoy Your Company. We Have A Fantastic Selection Of Escort Ladies Available For In-Calls As Well As Out-Calls. Our Escorts Are Not Only Beautiful But All Have Great Personalities Making Them The Perfect Companion For Any Occasion. In-Call:- You Can Come At Our Place in Delhi Our place Which Is Very Clean Hygienic 100% safe Accommodation. Out-Call:- You have To Come Pick The Girl From My Place We Are Also Provide Door Step Services (Delhi Ncr, Noida, Gurgaon, Faridabad, Ghaziabad Note:- Pic Collectors Time Passers Bargainers Stay Away As We Respect The Value For Your Money Time And Expect The Same From You Hygienic:- Full Ac room And Clean Rooms Available In Hotel 24 * 7 Hourly In Delhi NCR More Details, With WhatsApp Number, +91-8448380779

BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service

Delhi Call girls

Saudi Arabia [ Abortion pills) Jeddah/riaydh/dammam/+966572737505☎️] cytotec tablets uses abortion pills 💊💊 How effective is the abortion pill? 💊💊 +966572737505) "Abortion pills in Jeddah" how to get cytotec tablets in Riyadh " Abortion pills in dammam*💊💊 The abortion pill is very effective. If you’re taking mifepristone and misoprostol, it depends on how far along the pregnancy is, and how many doses of medicine you take:💊💊 +966572737505) how to buy cytotec pills At 8 weeks pregnant or less, it works about 94-98% of the time. +966572737505[ 💊💊💊 At 8-9 weeks pregnant, it works about 94-96% of the time. +966572737505) At 9-10 weeks pregnant, it works about 91-93% of the time. +966572737505)💊💊 If you take an extra dose of misoprostol, it works about 99% of the time. At 10-11 weeks pregnant, it works about 87% of the time. +966572737505) If you take an extra dose of misoprostol, it works about 98% of the time. In general, taking both mifepristone and+966572737505 misoprostol works a bit better than taking misoprostol only. +966572737505 Taking misoprostol alone works to end the+966572737505 pregnancy about 85-95% of the time — depending on how far along the+966572737505 pregnancy is and how you take the medicine. +966572737505 The abortion pill usually works, but if it doesn’t, you can take more medicine or have an in-clinic abortion. +966572737505 When can I take the abortion pill?+966572737505 In general, you can have a medication abortion up to 77 days (11 weeks)+966572737505 after the first day of your last period. If it’s been 78 days or more since the first day of your last+966572737505 period, you can have an in-clinic abortion to end your pregnancy.+966572737505 Why do people choose the abortion pill? Which kind of abortion you choose all depends on your personal+966572737505 preference and situation. With+966572737505 medication+966572737505 abortion, some people like that you don’t need to have a procedure in a doctor’s office. You can have your medication abortion on your own+966572737505 schedule, at home or in another comfortable place that you choose.+966572737505 You get to decide who you want to be with during your abortion, or you can go it alone. Because+966572737505 medication abortion is similar to a miscarriage, many people feel like it’s more “natural” and less invasive. And some+966572737505 people may not have an in-clinic abortion provider close by, so abortion pills are more available to+966572737505 them. +966572737505 Your doctor, nurse, or health center staff can help you decide which kind of abortion is best for you. +966572737505 More questions from patients: Saudi Arabia+966572737505 CYTOTEC Misoprostol Tablets. Misoprostol is a medication that can prevent stomach ulcers if you also take NSAID medications. It reduces the amount of acid in your stomach, which protects your stomach lining. The brand name of this medication is Cytotec®.+966573737505) Unwanted Kit is a combination of two medici

Abortion pills in Doha Qatar (+966572737505 ! Get Cytotec

Abortion pills in Riyadh +966572737505 get cytotec

Invezz.com - Grow your wealth with trading signals

Invezz1

Call Girls Indiranagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore Booking Contact Details :- WhatsApp Chat :- +91-7737669865 2-May-2024(SMW) Call Girls In Model Towh Bangalore +91-7737669865 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in Bangalore NCR 24 Hours Available Service Call Girls, Contact Us +91-7737669865 (Any Time. Any Where) Call Girls in Bangalore, Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service Bangalore NCRWelcome To Bangalore Escorts Service – An All Over New Bangalore Very Sexy Hot Call Girls Agency Service Escorts In South BangaloreNCRBangalore’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Bangalore Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort One Shot — 5000/in call (time 1 hour), 6000/out call Two shot with one girl — 8000/in call (time 2 hour), 10000/out call Body to body massage with sex- 8000/in call (time 1 hour) Full night Service for one person– 12000/in call, 13000/out call (shot limit 3-4 shots) Full night Service for more than 1 person — please contact Us —7737669865 We are available 24*7 all days of the year. Call us — 7737669865 Thank you for Visiting.

Call Girls Indiranagar Just Call 👗 7737669865 👗 Top Class Call Girl Service B...

amitlee9823

Vip Mumbai Call Girls Marol Naka Call On 9920725232 With Body to body massage with sex Booking Contact Details :- WhatsApp Chat :- +91-9920725232 4-May-2024(SMW) Call Girls In Model Towh +91-9920725232 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in NCR 24 Hours Available Service Call Girls, Contact Us +91-9920725232 (Any Time. Any Where) Call Girls in , Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service NCRWelcome To Escorts Service – An All Over New Very Sexy Hot Call Girls Agency Service Escorts In South NCR’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort One Shot — 5000/in call (time 1 hour), 6000/out call Two shot with one girl — 8000/in call (time 2 hour), 10000/out call Body to body massage with sex- 8000/in call (time 1 hour) Full night Service for one person– 12000/in call, 13000/out call (shot limit 3-4 shots) Full night Service for more than 1 person — please contact Us —9920725232 We are available 24*7 all days of the year. Call us — 9920725232 Thank you for Visiting.

Vip Mumbai Call Girls Marol Naka Call On 9920725232 With Body to body massage...

amitlee9823

Mg Road Call Girls Service: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore Escorts Service Booking Contact Details :- WhatsApp Chat :- +91-7737669865 4-May-2024(SMW) Call Girls In Model Towh +91-7737669865 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in NCR 24 Hours Available Service Call Girls, Contact Us +91-7737669865 (Any Time. Any Where) Call Girls in , Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service NCRWelcome To Escorts Service – An All Over New Very Sexy Hot Call Girls Agency Service Escorts In South NCR’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort One Shot — 5000/in call (time 1 hour), 6000/out call Two shot with one girl — 8000/in call (time 2 hour), 10000/out call Body to body massage with sex- 8000/in call (time 1 hour) Full night Service for one person– 12000/in call, 13000/out call (shot limit 3-4 shots) Full night Service for more than 1 person — please contact Us —7737669865 We are available 24*7 all days of the year. Call us — 7737669865 Thank you for Visiting.

Mg Road Call Girls Service: 🍓 7737669865 🍓 High Profile Model Escorts | Banga...

amitlee9823

Week-01-2.ppt BBB human Computer interaction

fulawalesam

Sampling (random) method and Non random.ppt

Dr. Soumendra Kumar Patra

Escorts Service Kumaraswamy Layout ☎ 7737669865☎ Book Your One night Stand (Bangalore) Booking Contact Details :- WhatsApp Chat :- +91-7737669865 2-May-2024(SMW) Call Girls In Model Towh Bangalore +91-7737669865 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in Bangalore NCR 24 Hours Available Service Call Girls, Contact Us +91-7737669865 (Any Time. Any Where) Call Girls in Bangalore, Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service Bangalore NCRWelcome To Bangalore Escorts Service – An All Over New Bangalore Very Sexy Hot Call Girls Agency Service Escorts In South BangaloreNCRBangalore’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Bangalore Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort One Shot — 5000/in call (time 1 hour), 6000/out call Two shot with one girl — 8000/in call (time 2 hour), 10000/out call Body to body massage with sex- 8000/in call (time 1 hour) Full night Service for one person– 12000/in call, 13000/out call (shot limit 3-4 shots) Full night Service for more than 1 person — please contact Us —7737669865 We are available 24*7 all days of the year. Call us — 7737669865 Thank you for Visiting.

Escorts Service Kumaraswamy Layout ☎ 7737669865☎ Book Your One night Stand (B...

amitlee9823

This project aims to predict whether a loan application will be approved or denied based on various factors such as applicant's income, credit score, loan amount, etc. Using a dataset containing historical loan application data, we employed machine learning algorithms to build a predictive model. The model was trained on features such as applicant's income, credit history, loan amount, loan term, and others. After training the model, we evaluated its performance using metrics like accuracy, precision, recall, and F1 score. The insights from this project can help financial institutions streamline their loan approval process and make informed decisions. Visit for more information: https://bostoninstituteofanalytics.org/data-science-and-artificial-intelligence/

Predicting Loan Approval: A Data Science Project

Boston Institute of Analytics

Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% Secure

Pooja Nehwal

FESE Capital Markets Fact Sheet 2024 Q1.pdf

MarinCaroMartnezBerg

VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K to 25K High Profile Escorts In Pune Booking Now open +91- 8005736733 Why you Choose Us- +91- 8005736733 HOT⇄ 8005736733 Mr ashu ji Call Mr ashu Ji +91- 8005736733 (V030524]N) 𝐇𝐨𝐭𝐞𝐥 𝐑𝐨𝐨𝐦𝐬 𝐈𝐧𝐜𝐥𝐮𝐝𝐢𝐧𝐠 𝐑𝐚𝐭𝐞 𝐒𝐡𝐨𝐭𝐬/𝐇𝐨𝐮𝐫𝐲🆓 .█▬█⓿▀█▀ 𝐈𝐍𝐃𝐄𝐏𝐄𝐍𝐃𝐄𝐍𝐓 𝐆𝐈𝐑𝐋 𝐕𝐈𝐏 𝐄𝐒𝐂𝐎𝐑𝐓 Hello Guys ! High Profiles young Beauties and Good Looking standard Profiles Available , Enquire Now if you are interested in Hifi Service and want to get connect with someone who can understand your needs. Service offers you the most beautiful High Profile sexy independent female Escorts in genuine ✔✔✔ To enjoy with hot and sexy girls ✔✔✔ ★providing:- • Models • vip Models • Russian Models • Foreigner Models • TV Actress and Celebrities • Receptionist • Air Hostess • Call Center Working Girls/Women • Hi-Tech Co. Girls/Women • Housewife

VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...

SUHANI PANDEY

ALSO dropshipping via API with DroFx.pptx

olyaivanovalion

Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha Call girls in dubai Call girls at dubai Dubai Call girl mistaken. Just Call girl dubai Call girl in dubai Indian Call girls dubai Indian Call girl dubai Pakistan Call girls in dubai the Pakistani Call girl dubai https://services.tochat.be/whatsapp-business-directory/b22b3d16-5b26-4e59-b6c1-db53f14dfea0?utm_medium=social&utm_source=heylink.me Dubai Call girls service Dubai Call girl services Call girl service in dubai Dubai Call girl agency Dubai Call girls agency Verified Call girls dubai correct motivation is required. Her smile enlarges as if she were Young Call girls in dubai Marina Call girls Dubai marina Call girls Jumeirah Call girls Dubai Jumeirah Call girls Bur dubai Call girls Indian Call girls in bur dubai Call girls bur dubai hiding a tremendous secret. Al qusais Call girls Al nahda dubai Call girls Independent Call girls dubai Independent Call girl dubai Russian Call girls in dubai Dubai russian Call girls Young Call girls in dubai Dubai young Call girls Call girls numbers in dubai How about leaving your father's home, being wealthy, and being able to help your sister? Even though I know what she is going to say won't be good, my ears are ringing. To have this chat, I waited until Dubai Call girls number Call girls near me dubai Call girls near my hotel Cute Call girls in dubai Model Call girl in dubai Rent a girlfriend dubai you were eighteen years old. Do you understand what I do, Eden? Since I have no idea, I shake my head and my mind races. She must be some kind of successful businesswoman, I suppose. "I own a business. Do you recognize that? Knowing my best. She left. She said that Dad told her that Dubai Call girls Call girls dubai Call girls in dubai Call girls at dubai we didn’t need her anymore when he came home. I was sad.Dubai Call girl Call girl dubai Call girl in dubai Indian Call girls dubai Indian Call girl dubai Can you tell her to come back? I like her.” Her little face is Pakistan Call girls in dubai Pakistani Call girl dubai Dubai Call girls service Dubai Call girl services all pinched. So sweet. Call girl service in dubai Dubai Call girl agency Dubai Call girls agency Verified Call girls dubai But I'm pissed off. How can he Young Call girls in dubai Marina Call girls Dubai marina Call girls Jumeirah Call girls Dubai Jumeirah Call girls Bur dubai Call girls Indian Call girls in bur dubai Call girls bur dubai turn down someone I'm paying for? “So, who's here with you?” I ask her,Al qusais Call girls Al nahda dubai Call girls Independent Call girls dubai Independent Call girl dubai Russian Call girls in dubai Dubai russian Call girls fervently hoping she wasn’t here alone. “Dad's downstairs, I think Young Call girls in dubai Dubai young Call girls Call girls numbers in dubai Dubai Call girls number Call girls near me dubai Call girls near my hotel Cute Call girls in dubai Model Call girl in dubai Rent a girlfriend

Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha

AroojKhan71

Call Girls Bommasandra Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore Booking Contact Details :- WhatsApp Chat :- +91-7737669865 2-May-2024(SMW) Call Girls In Model Towh Bangalore +91-7737669865 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in Bangalore NCR 24 Hours Available Service Call Girls, Contact Us +91-7737669865 (Any Time. Any Where) Call Girls in Bangalore, Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service Bangalore NCRWelcome To Bangalore Escorts Service – An All Over New Bangalore Very Sexy Hot Call Girls Agency Service Escorts In South BangaloreNCRBangalore’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Bangalore Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort One Shot — 5000/in call (time 1 hour), 6000/out call Two shot with one girl — 8000/in call (time 2 hour), 10000/out call Body to body massage with sex- 8000/in call (time 1 hour) Full night Service for one person– 12000/in call, 13000/out call (shot limit 3-4 shots) Full night Service for more than 1 person — please contact Us —7737669865 We are available 24*7 all days of the year. Call us — 7737669865 Thank you for Visiting.

Call Girls Bommasandra Just Call 👗 7737669865 👗 Top Class Call Girl Service B...

amitlee9823

BigBuy dropshipping via API with DroFx.pptx

olyaivanovalion

ELKO dropshipping via API with DroFx.pptx

olyaivanovalion

Model Call Girl Services in Delhi reach out to us at 🔝 9953056974 🔝✔️✔️ Our agency presents a selection of young, charming call girls available for bookings at Oyo Hotels. Experience high-class escort services at pocket-friendly rates, with our female escorts exuding both beauty and a delightful personality, ready to meet your desires. Whether it's Housewives, College girls, Russian girls, Muslim girls, or any other preference, we offer a diverse range of options to cater to your tastes. We provide both in-call and out-call services for your convenience. Our in-call location in Delhi ensures cleanliness, hygiene, and 100% safety, while our out-call services offer doorstep delivery for added ease. We value your time and money, hence we kindly request pic collectors, time-passers, and bargain hunters to refrain from contacting us. Our services feature various packages at competitive rates: One shot: ₹2000/in-call, ₹5000/out-call Two shots with one girl: ₹3500/in-call, ₹6000/out-call Body to body massage with sex: ₹3000/in-call Full night for one person: ₹7000/in-call, ₹10000/out-call Full night for more than 1 person: Contact us at 🔝 9953056974 🔝. for details Operating 24/7, we serve various locations in Delhi, including Green Park, Lajpat Nagar, Saket, and Hauz Khas near metro stations. For premium call girl services in Delhi 🔝 9953056974 🔝. Thank you for considering us!

CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE

9953056974 Low Rate Call Girls In Saket, Delhi NCR

Kürzlich hochgeladen (20)

Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...

BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service

Abortion pills in Doha Qatar (+966572737505 ! Get Cytotec

Invezz.com - Grow your wealth with trading signals

Call Girls Indiranagar Just Call 👗 7737669865 👗 Top Class Call Girl Service B...

Vip Mumbai Call Girls Marol Naka Call On 9920725232 With Body to body massage...

Mg Road Call Girls Service: 🍓 7737669865 🍓 High Profile Model Escorts | Banga...

Week-01-2.ppt BBB human Computer interaction

Sampling (random) method and Non random.ppt

Escorts Service Kumaraswamy Layout ☎ 7737669865☎ Book Your One night Stand (B...

Predicting Loan Approval: A Data Science Project

Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% Secure

FESE Capital Markets Fact Sheet 2024 Q1.pdf

VIP Model Call Girls Hinjewadi ( Pune ) Call ON 8005736733 Starting From 5K t...

ALSO dropshipping via API with DroFx.pptx

Al Barsha Escorts $#$ O565212860 $#$ Escort Service In Al Barsha

Call Girls Bommasandra Just Call 👗 7737669865 👗 Top Class Call Girl Service B...

BigBuy dropshipping via API with DroFx.pptx

ELKO dropshipping via API with DroFx.pptx

CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE

Threat Hunting with Deceptive Defense and Splunk Enterprise Security

1. © 2017 SPLUNK INC.© 2017 SPLUNK INC. Threat Hunting with Deceptive Defense and Splunk Enterprise Security Satnam Singh | Chief Data Scientist Acalvio Technologies September 27, 2017 | Washington, DC

2. © 2017 SPLUNK INC. During the course of this presentation, we may make forward-looking statements regarding future events or the expected performance of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward-looking statements, please review our filings with the SEC. The forward-looking statements made in this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, this presentation may not contain current or accurate information. We do not assume any obligation to update any forward looking statements we may make. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionality described or to include any such feature or functionality in a future release. Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2017 Splunk Inc. All rights reserved. Forward-Looking Statements

3. © 2017 SPLUNK INC. ▶ Alert triage using threat intelligence and other data sources ▶ Primarily outlier detection ▶ Too many alerts and Too many false positives ▶ Typically less than 5% of alerts are investigated Threat Hunting

5. © 2017 SPLUNK INC. Deceptive Security ▶ Reincarnation of Honeypots, Honeyfiles, Honeydata and Honeynet ▶ Multiple forms : Decoys, Breadcrumbs, Lures, Baits ▶ Active Approach —> High Fidelity Alert ▶ “Deploy deceptions on/around hosts with notable events”

7. © 2017 SPLUNK INC. 3. THIN Based on Deception alert/no alert recompute notable ranking Threat Hunting 1. Threat Hunting Intelligence Engine (THIN) - Ranking of Hosts & Notables - Determine Deception Strategy Splunk ES -Notables 2. Deception Platform Deploy Deceptions

9. © 2017 SPLUNK INC. Step 2: Recommend Deceptions Breadcrumb Details Host osg-sec-wsus01 (10.11.36.41) has failed login authentication 6 times using 6 usernames against 1 target in the last hour Excessive Failed Logins Notable

11. © 2017 SPLUNK INC. Summary ▶ Need to deal with alert deluge ▶ Need Proactive Approach for Threat Hunting ▶ Fusion of Data Science and Deceptive Security provides an active approach for Threat Hunting

Threat Hunting with Deceptive Defense and Splunk Enterprise Security

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie Threat Hunting with Deceptive Defense and Splunk Enterprise Security

Ähnlich wie Threat Hunting with Deceptive Defense and Splunk Enterprise Security (20)

Mehr von Satnam Singh

Mehr von Satnam Singh (11)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Threat Hunting with Deceptive Defense and Splunk Enterprise Security