Analytics Driven Security - How to Start and Continue the Journey
Regardless of how experienced you are when it comes to SIEM, you should constantly be looking for new security use cases and insights to maintain high levels of protection in your environment. However, the landscape is changing so quickly that this needs to be supported with an analytics-driven approach to ensure you are ahead of adversaries and are prioritizing the right threats. At the moment, you might be following best-practice frameworks, such as CIS20, or implementing the kill-chain model.
This webinar runs through one of the recent Analytic Stories published by the Splunk Security Research team that map to these processes, providing you with insights on how to continue your analytics security journey through the “Brand Monitoring” story and related searches. This will demonstrate how you can customize your environment to detect attempts to fool employees or customers into interacting with malicious infrastructure.
Watch this webinar to learn:
- What Analytic Stories are and what they look like
- How you can begin adopting Analytic Stories in your environment
- What tactics and techniques adversaries use when attempting to abuse your brand
- How you can implement and customize the brand-monitoring analytic story in your environment
- How you can further operationalize the Analytic Stories with Splunk Enterprise Security