Let's Learn about the Splunk SOC

Apr 11, 2023, 9:30 – 11:30 PM

How the Splunk SOC Uses Splunk

About this event

Ever wonder how Splunk uses their own tools in their SOC? Come to our next event to hear directly from a Splunk SOC Incident Handler on:

• How Splunk’s SOC analysts leverage Splunk products internally at each phase of IR.

• How/why Splunk's SOC aligns use cases with MITRE ATT&CK, and how they get value out of that.

• How they leverage Risk Based Alerting to drive down the total number of risk events into a digestible amount of actionable alerts per day.

• Splunk as a source of metrics and 3 levels of metrics dashboards from high-level consumption to granular SOC performance metrics.


  • Josh Wiley


    Senior Cyber Security Incident Handler



Tuesday, April 11, 2023
9:30 PM – 11:30 PM UTC


  • Rich Galloway


    Splunk Consultant

  • Rutger Thomschutz


    Washington DC User Group Leader

  • Rinaldi Rampen


    User Group Leader

Contact Us