Splunk Tech Talks
Deep-dives for technical practitioners.

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat Topology and MITRE ATT&CK Visualizations

WhitneySink
Splunk Employee
Splunk Employee

 

Struggling with alert fatigue, lack of context, and prioritization around security incidents? With Splunk Enterprise Security 7.1, we made it even easier to analyze malicious activities and determine the scope of incidents faster. Splunk Enterprise Security 7.1 new visualization features include Threat Topology, which determines the scope of security incidents, and MITRE ATT&CK Framework Visualization, which highlights the tactics and techniques observed in risk events so that you can respond faster.

Highlights:

  • Quickly discover the scope of an incident to respond with accuracy
  • Improve security workflow efficiencies with embedded frameworks
  • Operationalize the MITRE ATT&CK framework when responding to Notable Events
  • Identify additional impacted subjects of an investigation without writing a single line of code of query language
Get Updates on the Splunk Community!

Fall Into Learning with New Splunk Education Courses

Every month, Splunk Education releases new courses to help you branch out, strengthen your data science roots, ...

Super Optimize your Splunk Stats Searches: Unlocking the Power of tstats, TERM, and ...

By Martin Hettervik, Senior Consultant and Team Leader at Accelerate at Iver, Splunk MVPThe stats command is ...

How Splunk Observability Cloud Prevented a Major Payment Crisis in Minutes

Your bank's payment processing system is humming along during a busy afternoon, handling millions in hourly ...