Sep 10, 2023
That's super interesting, Matthias!
All those can be easily implemented in Splunk with simple SPL. On DE use cases, it's up to the detection engineer creativity and the data available.
Written by Alex Teixeira
I design and build detection and SIEM/EDR/XDR content for Enterprise #SecOps teams #DetectionEngineering http://opstune.com