Airlock Co-Founder, David Cottingham, will be presenting at the Australian Cyber Security Centre on Wednesday the 15th of March at 2:30pm in the Bradman Theatrette.
There is a wealth of information in the security community today about what constitutes an indication of malicious activity within enterprise environments. Even if you are lucky enough to have a consensus regarding what you should be looking for each day, many organisations are simply not resourced to actively hunt and interpret activity within their environment. During this talk I will release a free Splunk application I have developed to make this challenge easier and also demonstrate some additional utilities I find invaluable.
Information on the new free Airlock Splunk App can be found here, and an updated version of the Airlock Whitelist Auditor can be found here.