Struggling with alert fatigue, lack of context, and prioritization around security incidents? With Splunk Enterprise Security 7.1, we made it even easier to analyze malicious activities and determine the scope of incidents faster. Splunk Enterprise Security 7.1 new visualization features include Threat Topology, which determines the scope of security incidents, and MITRE ATT&CK Framework Visualization, which highlights the tactics and techniques observed in risk events so that you can respond faster.
Highlights:
- Quickly discover the scope of an incident to respond with accuracy
- Improve security workflow efficiencies with embedded frameworks
- Operationalize the MITRE ATT&CK framework when responding to Notable Events
- Identify additional impacted subjects of an investigation without writing a single line of code of query language
