Splunk Tech Talks
Deep-dives for technical practitioners.

Operationalize MITRE ATT&CK™ with Risk Based Alerting (RBA)

melissap
Splunk Employee

View our Tech Talk: Security Edition, Operationalize MITRE ATT&CK™ with Risk Based Alerting (RBA). Risk Based Alerting introduces a layer of abstraction between the detection analytics and the alerting process, and aligns with the MITRE ATT&CK™ framework to account for user-, system-, and service-specific context when scoring anomalous behavior.

 


Tune in to learn how Splunk Risk Based Alerting allows you to:

  • Scale existing analysts to include more data/analytics
  • Increase your true positive rates
  • Improve the effectiveness of your SOC

Tech Talk discussions remain open for two weeks following the live Tech Talk event. Have more questions? Check out our MITRE ATT&CK conversations in the Splunk Answers community for more!
