More and more companies understand that traditional protection designed for endpoints and the perimeter is not enough. They deploy new protection tools and collect and process more information about activity within the network. Kaspersky Lab provides several services that help reveal threats by analyzing data gathered by SIEM and threat intelligence platforms.
This course is devoted to the following services:
- Threat Data Feeds;
- Threat Lookup;
- APT Reporting.
The course explains what the services consist of, how to use them, and what value they provide. Integration of threat data feeds with Splunk using Kaspersky Threat Feed Service version 1.2 is described in detail.
The course will be of use to integrators and SOC analysts who plan to work with services by Kaspersky Lab.