Let's Learn about the Splunk SOC

Apr 11, 2023, 9:30 – 11:30 PM

Washington DC Splunk User Group

How the Splunk SOC Uses Splunk

About this event

Ever wonder how Splunk uses their own tools in their SOC? Come to our next event to hear directly from a Splunk SOC Incident Handler on:

• How Splunk’s SOC analysts leverage Splunk products internally at each phase of IR.

• How/why Splunk's SOC aligns use cases with MITRE ATT&CK, and how they get value out of that.

• How they leverage Risk Based Alerting to drive down the total number of risk events into a digestible amount of actionable alerts per day.

• Splunk as a source of metrics and 3 levels of metrics dashboards from high-level consumption to granular SOC performance metrics.

Speaker

  • Josh Wiley

    Splunk

    Senior Cyber Security Incident Handler

When

When

Tuesday, April 11, 2023
9:30 PM – 11:30 PM UTC

Organizers

  • Rich Galloway

    Splunk

    Splunk Consultant

  • Rutger Thomschutz

    Qmulos

    Washington DC User Group Leader

  • Rinaldi Rampen

    Salesforce

    User Group Leader

Contact Us