This lab leverages a complex virtual environment that uses Tanium and other industry-leading security tools to gather data from various flavors of servers and workstations and send that data to Splunk. Specific security events have been engineered to give the user an in-depth understanding of the overall capabilities of Splunk ES.
This lab demonstrates how Splunk Enterprise Security can:
- Collect data from various sources.
- Improve security operations by driving efficiency and reducing response times.
- Increase investigation, detection and prevention capabilities.
- Integrate into an organization’s automation and reporting processes.
- Improve security posture by gaining detailed visibility into enterprise activity.
- Pivot between various security workflows to support in-depth investigative analysis.