| WSS Clause | Topic | Splunk Product | Function |
|---|---|---|---|
| 6.9 | Log Management | Splunk Enterprise / Cloud Platform | Log Collection, Indexing, Retention, per the Computer Crime Act |
| 7.1c | Risk Control | Splunk ES + Risk-Based Alerting (RBA) | Risk Scoring, Risk-based Alerting |
| 8.4e | Information Sharing | Splunk Mission Control | Threat Intel Sharing, TAXII/STIX |
| 9.1 | Monitoring & Threat Detection | Splunk Enterprise Security (ES) | SIEM, Correlation, Real-time Monitoring |
| 9.1a | Detection Mechanisms | Splunk ES + Splunk UBA | Anomaly Detection, UEBA, ML-based |
| 9.1b | Review of Mechanisms | Splunk Security Posture Dashboard | Dashboard, Reporting, Review |
| 10.1 | Incident Response Plan | Splunk SOAR (Phantom) | SOAR, Automation, Playbook |
| 10.1a | IR Plan | Splunk SOAR | Incident Response Workflow |
| 10.1b | Plan Exercises | Splunk SOAR Simulation | Tabletop Exercise Simulation |
| 10.1c | Crisis Communication | Splunk SOAR + Mission Control | Case Management, Collaboration |
| 11.1 | Recovery | Splunk IT Service Intelligence (ITSI) | Service Health, Recovery Verification |