Prerequisites
Required:
Course Objectives
- Mission Control overview and architecture
- Features, capabilities, and benefits
- Triage notables in the analyst queue
- Start a notable investigation
- Use and create new response templates
- Analyze security data using dashboards
Course Content
Splunk Mission Control is a cloud-based, unified security operations platform. It brings together security data, analytics, and operations so that security teams can manage incidents across the entire event lifecycle. This 4.5-hour hands-on module introduces Mission Control and illustrates its benefits to security teams. You will learn how to triage, investigate, and respond to security incidents. You will also learn how to create new response plans and build customized dashboards to gain further insights into your data.