Join us for the first installment of our two-part series on Splunk's Risk-Based Alerting (RBA). This introductory session will provide security practitioners with the essential knowledge needed to implement and leverage RBA in your environment. We'll explore how RBA helps security teams prioritize threats based on risk scores rather than handling alerts in isolation, significantly reducing alert fatigue and enabling more effective threat detection.

Our agenda includes:

• Understanding the limitations of traditional alerting approaches

• Core concepts and benefits of Risk-Based Alerting

• Setting up your first risk-based detection rules

• Configuring risk scoring and normalization

• Hands-on demonstration of basic RBA implementation

• Q&A with Splunk experts

Whether you're considering implementing RBA or just starting your journey, this session will equip you with practical knowledge to enhance your security operations.

Agenda:

• 3:30 PM - Meet and Greet

• 4:00 PM - Presentation

• 5:00 PM - Continued Discussion at Muldoon's