How to Leverage Splunk and Carbon Black Response
Splunk and Carbon Black Response (CbR) are two critically powerful tools in the modern security program. Many organizations know they could integrate the two products but might not know where to begin or fully understand the use cases.
In this video, the author of the CbR+Splunk Integration, Michael Haag, walks through:
- How to enable the integration and what data sets to consider
- 3 common scenarios you will encounter when using CbR data inside Splunk
- Advanced techniques including software inventorying, risk scoring, and response automation