Find content to use in your ransomware defense with the Ransomware Content Browser
Plan your ransomware defense with the Ransomware Content Browser by first viewing a visualization of the lifecycle of a ransomware attack and then using the Ransomware Content List to find content to protect against a ransomware attack. View the Total content by Type table to see what types of content are available for each security phase.
You can navigate to the Ransomware Content Browser in Splunk Security Essentials by navigating to Security Content > Ransomware Content Browser.
Use the Ransomware Content List to find content to use in your ransomware defense
To find content to use in your ransomware defense, follow these steps:
- Navigate to the Ransomware Content List.
- Change the Content Type from the default of Any to reflect the type of content you are looking for.
- Change the Phase from the default of Any to find content related to a specific type of security threat.
- Change Critical Control from the default of Any to find content related to a specific type of security control.
The filters populate information about the stage and phase and if available, content appears in the Content in selection area of the page. You can then select the content to start using it in your ransomware defense plan, or if the content is a detection, you can schedule the detection to prevent ransomware on your system.
Customize Splunk Security Essentials with the Custom Content dashboard | Find content with the MITRE ATT&CK-Driven Content Recommendation dashboard |
This documentation applies to the following versions of Splunk® Security Essentials: 3.6.0
Feedback submitted, thanks!