Configuring Threat Intelligence in Splunk Enterprise Security
Splunk Enterprise Security is a premium application used within the Splunk deployment to help with SOC operations. This course will teach you how to configure various threat intelligence sources for use within Splunk Enterprise Security.
What you'll learn
Splunk Enterprise Security (ES) solves many problems within our SOCs, including efficient operations. In this course, Configuring Threat Intelligence in Splunk Enterprise Security, you’ll learn how to get this information into the tool from various sources. First, you’ll learn about threat intelligence and the different formats it comes in. Next, you’ll learn about the Splunk Threat Intelligence Framework and how to use it in order to enrich your data. You’ll look at the threat intelligence tools that we can use in the application as well. Finally, you’ll learn how to configure the threat intelligence sources and parse the data in order to get what you need for Splunk Enterprise Security.