I have listed these best practices below in table format with more detail on the “why” then what is in the session slides. It’s more around “I need to measure technical controls in Splunk” versus “I want to use Splunk for general threat detection/response”, even though the latter typically is a part of compliance. Credit…