splunk / rba

RBA is Splunk's method to aggregate low-fidelity security events as interesting observations tagged with security metadata to create high-fidelity, low-volume alerts.
50Updated last week

Related projects

Alternatives and complementary repositories for rba