Splunk Tech Talks
Deep-dives for technical practitioners.

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat Topology and MITRE ATT&CK Visualizations

WhitneySink
Splunk Employee
Splunk Employee

 

Struggling with alert fatigue, lack of context, and prioritization around security incidents? With Splunk Enterprise Security 7.1, we made it even easier to analyze malicious activities and determine the scope of incidents faster. Splunk Enterprise Security 7.1 new visualization features include Threat Topology, which determines the scope of security incidents, and MITRE ATT&CK Framework Visualization, which highlights the tactics and techniques observed in risk events so that you can respond faster.

Highlights:

  • Quickly discover the scope of an incident to respond with accuracy
  • Improve security workflow efficiencies with embedded frameworks
  • Operationalize the MITRE ATT&CK framework when responding to Notable Events
  • Identify additional impacted subjects of an investigation without writing a single line of code of query language
Get Updates on the Splunk Community!

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...