Join us for a conversation with Tony Iacobelli, Sr. Manager of Splunk Advanced Response Team. Tony will enlighten us about Splunk’s internal Threat Response Team on how they use the Splunk Suite of products to protect Splunk. We’ll deep dive on the people, products, and processes that enable efficient detection and response. Tony will take us through how they translate business requirements into security controls, and how they iterate on those controls to ensure they achieve the best possible security posture for Splunk. From ideating new controls to testing and implementation, there is never a dull moment in the Splunk SOC, and they are excited to share the experiences with you. They will be able to answer any questions you may have about the efforts to build a world-class Splunk based SOC.

We will discuss how they leverage Splunk Cloud with Enterprise Security, Splunk SOAR, Spunk Attack Analyzer and Splunk on Call, along with a comprehensive threat response workflow, to achieve an efficient and effective SOC. You’ll also get an understanding of how they leverage the Splunk Risk Based Alerting framework within Enterprise Security to reduce the overall alert volume and increase alert fidelity. Sounds like magic, but it really has had a positive impact on our processes.