Learn to Crawl, Walk, SOAR with DomainTools and Splunk
In a recent survey conducted by the Ponemon Institute, it was reported that 40 percent of teams typically spend 51-100 staff hours per day triaging and investigating alerts, and 19 percent spend more than 100 hours. The findings also indicate that automation will improve teams’ abilities to prioritize threats and vulnerabilities, and increase the speed of analyzing them. With this in mind, it comes as no surprise that organizations are implementing security orchestration, automation and response (SOAR) platforms to help manage the number of alerts they encounter on a daily basis.
This is where Splunk, Splunk>Phantom, and DomainTools data sets can help security analysts and incident responders make better decisions, faster. Join Senior Sales Engineer, Taylor Wilkes-Pierce, and Senior Integrations Solutions Engineer, Josh Rice, to learn how to not only help separate signals from noise, but also to automate complex actions and investigations by using Splunk>Phantom’s playbooks functionality.
This webinar will cover:
- How rich Iris datasets are available not only for ad-hoc research on specific incidents in Splunk Phantom, but also for automated actions in Splunk Phantom playbooks
- How to use Risk Score, Proximity and Threat Profile classifiers to manage alert fatigue, and automate workflows
- Real-world use cases that encompass both notable events from the App (Application) in Splunk and automated investigations with Splunk>Phantom Playbooks