Why is alert fatigue accepted as “normal” in Security Operations Centers (SOCs)? There has to be a shift in perspective. Splunk has worked with customers to build a reference architecture called Risk Based Alerting within Splunk Enterprise Security. It introduces a layer of abstraction between the detection analytics and the alerting process, while aligning with the MITRE ATT&CK™ framework, to account for user-, system- and service-specific context when scoring anomalous behavior.

Tune in to learn how Splunk Risk Based Alerting allows you to:
  • Scale existing analysts to include more data/analytics
  • Increase your true positive rates
  • Improve the effectiveness of your SOC

Event Details


On Demand

Who Should Attend: Security Analysts, SOC Managers


Jim Apger
Staff Security Strategist
Security Operations

Jairo Camacho
Product Marketing Specialist
Splunk User Behavior Analytics