DerbyCon was amazing as usual. I can’t recommend the conference enough.
The most useful talk for me was Ryan Voloch’s talk on SIEM management. I have experience deploying Splunk as a security monitoring solution. Ryan’s talk focused on managing use cases / searched. Prior to the talk, I had a note pad for my ideas and used my employer’s ticket system for external requests. It worked but wasn’t elegant. I’m in the process of deploying a larger Splunk monitoring solution. I’m testing the template.