Who Should Attend: Splunk Administrators, Security Analysts, SOC Manager
Historically, Security Operations Centers have been noisy places. Teams have worked endlessly to craft the ‘perfect’ correlation search, to no avail. As the volume of security alerts continued to grow, it has put a disproportionate amount of the workload on analysts, as their primary job function became triage related activities. Tune in to learn how Enterprise Security with native Risk-Based Alerting functionality addresses this issue. In a series of clicks, ES users can map against their preferred cybersecurity framework (e.g. MITRE ATT&CK), start aligning analytics to quantify their cybersecurity coverage, and watch the number of alerts plummet.
Learn how to:
Staff Security Strategist, Splunk
Security Product Marketing Specialist, Splunk