Let's Learn about the Splunk SOC

Apr 11, 2023, 9:30 – 11:30 PM

How the Splunk SOC Uses Splunk

About this event

Ever wonder how Splunk uses their own tools in their SOC? Come to our next event to hear directly from a Splunk SOC Incident Handler on:

• How Splunk’s SOC analysts leverage Splunk products internally at each phase of IR.

• How/why Splunk's SOC aligns use cases with MITRE ATT&CK, and how they get value out of that.

• How they leverage Risk Based Alerting to drive down the total number of risk events into a digestible amount of actionable alerts per day.

• Splunk as a source of metrics and 3 levels of metrics dashboards from high-level consumption to granular SOC performance metrics.

Speaker

  • Josh Wiley

    Splunk

    Senior Cyber Security Incident Handler

When

When

Tuesday, April 11, 2023
9:30 PM – 11:30 PM UTC

Organizers

  • Rich Galloway

    Splunk

    Splunk Consultant

  • Rutger Thomschutz

    Qmulos

    Washington DC User Group Leader

  • Rinaldi Rampen

    Salesforce

    User Group Leader

Contact Us