Watch our discussion around the “Voice of the Splunk Customer” covering topics on all things Splunk such as:
- ES Risk Based Alerting (RBA) Framework: Increase alert fidelity and reduce false positive volume, thereby reducing alert fatigue and response time
- RBA Continued: Baseline organizational, departmental, and team risk concerns and track over time
- Mapping Content to a Security Framework: A Unified Security Approach, Focused Threat Detection and Response, Gaps and Coverage Assessment, Continuous Improvement and Adaptability
- Splunk and MITRE ATT&CK Framework: Mapping Splunk OTB (out-of-the-box) content to the relevant APT groups, tactics, and techniques
- Improving Search Performance
- Alert Fatigue and Tuning