Cisco XDR, Splunk, Cisco Secure Firewall, and Endace (Zeek) were used to investigate a spike in security alerts at Cisco Live EMEA, quickly distinguishing genuine threats from environmental noise through correlated incident analysis and network context.
Bilal Qamar
Source: Cisco
Source Link: https://blogs.cisco.com/security/from-flood-to-focus/