Splunk [Enterprise Security] 2019 .conf Videos w/ Slides

Tales From a Threat Team: Lessons and Strategies for Succeeding with a Risk-Based Approach [Splunk Enterprise Security]



We've run a risk-based approach with our security alerts for over a year, and we're excited to review our progress with you. We'll discuss how we increased the number of behavioral indicators by 300% while reducing our alerts by 50%. We'll also discuss how we expanded our risk approach to handle on-premises and cloud environments within the same framework, which yielded a single alerting mechanism that leverages all of our data enrichment. We'll also share the roadmap for our risk-based approach, which incorporates risk rules that utilize algorithms to identify risks not discovered by traditional detection approaches.

Speaker(s)
Stuart McIntosh, Threat Intelligence, Outpost Security

Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1908.pdf?podcast=1577146235


By Splunk