Jun 20, 2023, 4:00 – 5:00 PM
Is your security operations staff overworked? Which of the thousands of high priority alerts generated should you start with each day, knowing that you can get to them all? Are your alerts even actionable? Implementing Risk Based Alerting (RBA) with Splunk Enterprise Security can provide a solution to these questions.
[UPATE: EVENT LOCATION - ATLANTA TECH VILLAGE]
Is your security operations staff overworked? Which of the thousands of high priority alerts generated should you start with each day, knowing that you can get to them all? Are your alerts even actionable? Implementing Risk Based Alerting (RBA) with Splunk Enterprise Security can provide a solution to these questions.
The session will take a hands on approach by using a lab environment to walk through RBA with its components and frameworks. Then, I’ll share some trials from the field and some best practices learned, along with an approach and some resources to get you started on your RBA Journey.
*This Splunk Plugged-In event will also include food, drinks, and swag!*
Remote users Zoom link: https://splunk.zoom.us/j/98771416555?pwd=UE5pV1dkRUJ5N0F1Y3ROUGg3eFNpdz09
Splunk
Professional Services Regional Practice Architect, Security
Tuesday, June 20, 2023
4:00 PM – 5:00 PM UTC
Contact Us