Are your security teams drowning in data and overwhelmed with alerts? Are you thinking that there must be a better way, some esoteric or forbidden knowledge, to produce higher-fidelity alerts and keep your team from burning out?
Join the Blue Team Academy for a discussion on the amazing potential that Risk-Based Alerting (RBA) brings to analysis with Splunk® Enterprise Security.
In this webcast, we will cover basics and more, all from the SOC analyst perspective, such as:
• What you can expect to see when RBA is implemented
• What are risk objects and risk events
• How you can encourage your own team to implement RBA
Be sure to submit your questions for our presenter in the box when you register. Attendees are eligible to receive 1 CPE credit.