Ever wonder how Splunk uses their own tools in their SOC? Come to our next event to hear directly from a Splunk SOC Incident Handler on:

• How Splunk’s SOC analysts leverage Splunk products internally at each phase of IR.

• How/why Splunk's SOC aligns use cases with MITRE ATT&CK, and how they get value out of that.

• How they leverage Risk Based Alerting to drive down the total number of risk events into a digestible amount of actionable alerts per day.

• Splunk as a source of metrics and 3 levels of metrics dashboards from high-level consumption to granular SOC performance metrics.