SuriCon 2016 - Applying Data Science to Suricata

Splunk has enabled big data on the security practitioner’s desktop, but the security knowledge worker is not a data scientist by training. SOC engineers need easy-to-implement machine learning tools. Learn about the existing machine learning toolkits available in the Splunk platform and how they can be applied to data exfiltration, port/traffic analysis, and advanced threat use cases.
