Configuring Threat Intelligence in Splunk Enterprise Security
Splunk Enterprise Security is a premium application used within the Splunk deployment to help with SOC operations. This course will teach you how to configure various threat intelligence sources for use within Splunk Enterprise Security.
Splunk Enterprise Security (ES) solves many problems within our SOCs, including efficient operations. In this course, Configuring Threat Intelligence in Splunk Enterprise Security, you’ll learn how to get this information into the tool from various sources. First, you’ll learn about threat intelligence and the different formats it comes in. Next, you’ll learn about the Splunk Threat Intelligence Framework and how to use it in order to enrich your data. You’ll look at the threat intelligence tools that we can use in the application as well. Finally, you’ll learn how to configure the threat intelligence sources and parse the data in order to get what you need for Splunk Enterprise Security.
Author Name: Joe Abraham
Author Description:
Joe Abraham, CCIE #62417, is a Cybersecurity Architect working in the public sector space, assisting customers develop and implement functional and secure network architectures. He graduated from Excelsior College with an M.S. in Cybersecurity and a B.S. in Information Technology (Network Management). He currently holds many IT certifications to include CCIE, CISSP, GSEC, and CCNP Security. Joe is a mentor to IT professionals and a blogger who spends his time either with his wife and three child… more
Table of Contents
- Course Overview
1min - Exploring Splunk Threat Intelligence
29mins - Understanding Splunk Security Intelligence Tools
30mins - Detailing the Splunk Threat Intelligence Framework
15mins - Configuring Threat Intelligence Sources
26mins
There are no reviews yet.