Building on our introductory session, this advanced workshop will focus on practical implementation strategies to maximize the value of your Risk-Based Alerting deployment. We'll explore integration best practices, complementary tools, and structured workflows that security teams can implement immediately to enhance their detection and response capabilities.

Topics we'll cover include:

• Advanced RBA capabilities and integrations

• Essential Splunk apps and add-ons that complement and extend RBA functionality

• Custom dashboards and visualizations for risk monitoring and management

• Structured detection engineering processes for creating, testing, and tuning risk-based rules

• Real-world use cases and lessons learned from mature RBA implementations

Agenda:

• 3:30 PM - Meet and Greet

• 4:00 PM - Presentation

• 5:00 PM - Continued Discussion at Muldoon's