Splunk is essential to most SOC operations, but it also has the tendency to overwhelm teams with alerts.
A key method of triaging and prioritizing alerts is intelligence enrichment: bringing in additional context from case management and orchestration tools, as well as from external intelligence sources.
In this interactive training, TruSTAR Intelligence Architect Doug Helton will demonstrate SIEM workflow best practices through TruSTAR's new Splunk and Splunk ES integration to help teams better triage and prioritize alerts.
Learn how to:
This live training webinar took place on Tuesday, December 10, 2019.