View our Tech Talk: Security Edition
We are releasing a new community playbook for Splunk Phantom to help enrich suspicious email events. This playbook focuses specifically on domain names contained in the ingested email, and it uses Cisco Umbrella Investigate to add the risk score, risk status and domain category to the event in Phantom.
Read more...