Splunk Tech Talks
Deep-dives for technical practitioners.

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WhitneySink
Splunk Employee
Splunk Employee

Screenshot 2025-01-21 at 12.15.31 PM.png

The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee Mills, Security Strategist at Splunk, as she walks through the new and improved Splunk Guide to RBA!


Join this Tech Talk to learn the power of RBA, such as how to:

  • Reduce the number of overall alerts while increasing the fidelity of alerts that arise
  • Define and produce internal threat intelligence to identify normal or anomalous behavior
  • Create high-value detections from traditionally noisy data sources, which align to popular cybersecurity frameworks
  • Develop a valuable risk library of metadata-enriched objects and behaviors for manual analysis or machine learning

Watch full Tech Talk here:

(view in My Videos)

Contributors
Get Updates on the Splunk Community!

From Data to Insight: Announcing the Winners of the Splunk Dashboard Contest

Hi Splunkers, First off, thank you to everyone who participated in our very first From Data to Insight: The ...

Splunk Developers: Construct Your Future at the .conf26 Builder Bar

Calling all Splunk architects, platform admins, and app developers: the site is open, and the blueprints are ...

Quick connection discovery mode for forwarders

When a Splunk forwarder loses connectivity to its indexers, it does not always reconnect immediately. In many ...