We also followed talks about how we could make the daily lives of our Security Operations Center (SOC) easier and more streamlined. One of our key objectives here was to combat alert fatigue, which has become a pervasive challenge in today's dynamic cybersecurity landscape.
The conference also presented opportunities to attend talks on topics such as risk-based alerts, a crucial concept in prioritizing and responding to security incidents based on their potential impact. Moreover, we also followed a very interesting session that explored threat hunting methodologies utilising a recently developed framework (Introducing the PEAK Threat Hunting Framework).
During the times when we took breaks from attending the talks and workshops, we took the opportunity to engage with Splunk representatives. As a strategic Managed Security Service Provider (MSSP) for Splunk, we believe in providing constructive feedback, sharing our experience, and giving valuable suggestions to further enhance the Splunk product. In the Pavilion, other Splunk partners and sponsors presented their developed Splunk integrations and products, which also provided everyone the chance to network with each other.
From a platform team perspective, all talks we attended were mostly a confirmation that we are going in the right direction. The presented topics and how these were technically implemented affirm that the approach we choose to set up and maintain our multi-customer environment, and the supporting platform is the way forward.
Besides all the technical talks, we took the opportunity to strengthen and create new relationships with multiple Splunk employees. These efforts have already proven fruitful since we were able to get help and answers on some more technical difficulties, that come along with the challenge of being an MSP.