Operationalize MITRE ATT&CK™ with Risk Based Alerting (RBA)

View our Tech Talk: Security Edition, Operationalize MITRE ATT&CK™ with Risk Based Alerting (RBA). Risk Based Alerting introduces a layer of abstraction between the detection analytics and the alerting process while aligning with the MITRE ATT&CK™ framework to account for user/system/service specific context when scoring anomalous behavior.

(view in My Videos)

Tune in to learn about how Splunk Risk Based Alerting allows you:

To scale existing analysts to include more data/analytics
Increase your true positive rates
Improve the effectiveness of your SOC

Tech Talk discussions remain open for two weeks following the live Tech Talk event. Have more questions? Check out our MITRE ATT&CK conversations in Splunk Answers community for more!

2 Comments

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Get Updates on the Splunk Community!

Quantify Your Splunk Investment Impact: Introducing Savings Metrics to Value Insights

Building on the foundation established in our initial Value Insights releases, we are introducing the Savings ...

Event Series: Telemetry Pipeline Management

Balancing Scale and Spend: Gaining Control Over High-Volume Metrics in Splunk Observability Cloud As ...

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...

Join the Conversation

Operationalize MITRE ATT&CK™ with Risk Based Alerting (RBA)

Quantify Your Splunk Investment Impact: Introducing Savings Metrics to Value Insights

Event Series: Telemetry Pipeline Management

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...