The Splunk.conf experience

Davinsi Labs is dedicated to nurturing the growth of its engineers' knowledge and skills, which is why we were offered the chance to attend the annual .conf conference, organized by Splunk. As primarily members of the Platform team and the Managed Detection and Response team, we had a responsibility to represent not only our teams, but everyone in Davinsi Labs. We're stoked about sharing all the cool knowledge and insights we picked up to further fuel our drive for superior quality and excellence.

Splunk.conf was hosted in the imposing Venetian venue. Entering the Venetian for the first time, we were seriously impressed by the size of the location. You could easily spend a month inside without going elsewhere. All our needs and wants were easily fulfilled by what they offered. Imagine walking 15 to 20 km each day and almost all of it indoors. That's how big it is.
The same goes for Las Vegas, the sheer size of it (and the heat) was almost too much to take in!

The week started with a kick-off on Monday, featuring the global partner summit. Splunk took the stage to highlight its accomplishments, exciting new announcements, and future objectives.

Following that, the official kick-off event, “Ready For Anything”, unveiled some fascinating new offerings, such as Splunk AI, Splunk Edge Hub, and the possibility to onboard Splunk in the Microsoft Azure Marketplace. Alongside exciting partnerships, including the one with Microsoft.

During the three days of .conf, attendees were treated to various interesting talks and workshops. We, from the Managed Detection and Response team, focussed on the talks about innovative ways to enhance our Use Case Library, integration with Machine Learning and further elevate the efficiency of our SOAR (Security Orchestration, Automation, and Response) playbooks.

We also followed talks about how we could make the daily lives of our Security Operations Center (SOC) easier and more streamlined. One of our key objectives here was to combat alert fatigue, which has become a pervasive challenge in today's dynamic cybersecurity landscape.
The conference also presented opportunities to attend talks on topics such as risk-based alerts, a crucial concept in prioritizing and responding to security incidents based on their potential impact. Moreover, we also followed a very interesting session that explored threat hunting methodologies utilising a recently developed framework (Introducing the PEAK Threat Hunting Framework).

During the times when we took breaks from attending the talks and workshops, we took the opportunity to engage with Splunk representatives. As a strategic Managed Security Service Provider (MSSP) for Splunk, we believe in providing constructive feedback, sharing our experience, and giving valuable suggestions to further enhance the Splunk product. In the Pavilion, other Splunk partners and sponsors presented their developed Splunk integrations and products, which also provided everyone the chance to network with each other.

From a platform team perspective, all talks we attended were mostly a confirmation that we are going in the right direction. The presented topics and how these were technically implemented affirm that the approach we choose to set up and maintain our multi-customer environment, and the supporting platform is the way forward.

Besides all the technical talks, we took the opportunity to strengthen and create new relationships with multiple Splunk employees. These efforts have already proven fruitful since we were able to get help and answers on some more technical difficulties, that come along with the challenge of being an MSP.

On Wednesday, the traditional Search Party took place, filling the place with excitement, games, music and most if not all of the extraordinary attendees. One of the highlights was the DJ set of the renowned DJ Jazzy Jeff, famously recognized for his appearances on the iconic show The Fresh Prince of Bel-Air. With his exceptional skills, he mixed up some fresh tunes, setting fire to the place. 
In addition to DJ Jazzy Jeff's fantastic performance, another talented artist, DJ Esther Anaya, took the stage, captivating the audience with a very danceable mix.