Video Summary
This video explores the content recommendations and reporting features in Splunk Security Essentials, demonstrating how they can help organisations optimise their security operations. It begins by navigating the MITRE ATT&CK-based content recommendations dashboard, which provides a comprehensive view of detection strategies. Users can filter content by categories such as cloud security or insider threat, as well as by data availability and technique popularity, to prioritise the most impactful detections. Additionally, the risk-based alerting recommendations dashboard is introduced, showcasing its utility in tailoring content for approaches like zero trust or other strategic focuses.
The video also delves into reporting capabilities, including dashboards for the Cyber Kill Chain and MITRE ATT&CK frameworks. These dashboards enable organisations to assess the status of active, available, or data-requiring content, providing insights through visualisations like the MITRE ATT&CK Matrix, tactic-level charts, and radar views. Lastly, the product mapping report highlights how collected data aligns with specific content, offering a clear understanding of the value each data source brings. This feature supports informed decisions on future data collection strategies, making Splunk Security Essentials an invaluable tool for enhancing security posture.
Who are Somerford?
We are a passionate group of people delivering innovation to our customers on their digital transformation journey.
Splunk Edge Hub
Effortlessly streamline the process of integrating your data with the Splunk Edge Hub.
Splunk Security Solutions
Utilise Splunk's suite of security solutions designed to provide unified and robust defence against cyber threats.
Get in Touch to Learn More
With specialist knowledge, skills and experience derived from supporting a broad range of FTSE 100, FTSE 250 and smaller companies, Somerford Associates have a strong reputation for enabling digital transformation at scale, at pace and in budget.