Skip to content
Threat Detection Engineering
Writing Splunk Enterprise Security Correlation Searches
SPL Nuggets: How are my rules performing?
How rare is a rare HTTP agent? Context-rich alerts because of math
Should I date a model? Myths busted!
Splunking BOTS V3: Q212, Q214, Q300
SPL Nuggets: Visualizing RDP/TS Connections from Eventlogs
Splunking BOTS v3: What Frothly VPN user generated the most traffic? Q330
Splunking questions from BOTS v3 dataset – Q215
JIRA workflow for Detection Engineering teams
Threat detection metrics: exploring the true-positive spectrum