Jose Enrique Hernandez edited this page Feb 1, 2022 · 7 revisions

Welcome to the Splunk Security Research Team's Security Content Project!

This project gives you access to our repository of Analytic Stories: security guides that provide background on TTPs, mapped to the MITRE framework, the Lockheed Martin Kill Chain, and CIS controls. They include Splunk searches, machine-learning algorithms, and Splunk Phantom playbooks (where available), all designed to work together to detect, investigate, and respond to threats.

While this content is available via Splunk Enterprise Security, Enterprise Security Content Updates (https://splunkbase.splunk.com/app/3449/), and our API, we have now made it available as an open-source project. The security-content project was designed to bring all Splunk detection content and the community together to improve our collective defenses.

Table of Contents

  1. Installation and Usage
  2. Content Structure
  3. Customize to your Environment
  4. Developing Content
  5. Analytic Types
  6. Troubleshooting
  7. Contributing to the Project
  8. Contributors