Getting Started Guide: Detecting and preventing fraud with the Splunk App for Fraud Analytics
The Splunk App for Fraud Analytics (SFA) is a comprehensive fraud detection solution built on the existing development frameworks included with Splunk Enterprise Security. SFA offers fraud teams a standardized workflow, extensive interactive visual investigation capabilities, and a robust risk-based alerting framework, which is completely customizable and extensible. Using the risk-based alerting framework, SFA provides fraud prevention teams the ability to improve alert fidelity and reduce false positives, ensuring that financial, legal, compliance, and reputational losses are minimized. The Splunk App for Fraud Analytics supports use cases and detections within financial services, unemployment insurance, and healthcare verticals. Detections of fraud in financial services include account takeovers, new account fraud, anti-money laundering, and other use cases. This article focuses on enabling the following use cases.
This guide includes the installation and configuration of the Splunk App for Fraud Analytics, and delivers the capability for customers to monitor for and detect the above-mentioned use cases. This guide does address advanced architecture or role-based access control (RBAC) issues that some organizations might require for a proper fraud monitoring implementation.
It is highly recommended that you have some fraud domain knowledge to be successful in implementing this guidance independently.
If this is your first time using the Splunk App for Fraud Analytics, click Next step to continue reading information on how to install the app and prepare to deploy use cases. Otherwise, select one of the use cases above.