We use cookies to ensure that we give you the best experience on our website. By continuing your visit on the website, you consent to the use of the cookies. If you want to find out more about the cookies we use, you can access our Privacy Policy.
OK

Let's Learn about the Splunk SOC

Washington DC Splunk User Group

Tue, Apr 11, 9:30 PM (UTC)

39
RSVPs

About this event

Ever wonder how Splunk uses their own tools in their SOC? Come to our next event to hear directly from a Splunk SOC Incident Handler on:

• How Splunk’s SOC analysts leverage Splunk products internally at each phase of IR.

• How/why Splunk's SOC aligns use cases with MITRE ATT&CK, and how they get value out of that.

• How they leverage Risk Based Alerting to drive down the total number of risk events into a digestible amount of actionable alerts per day.

• Splunk as a source of metrics and 3 levels of metrics dashboards from high-level consumption to granular SOC performance metrics.

Speaker

  • Josh Wiley

    Splunk

    Senior Cyber Security Incident Handler

When

When

Tuesday, 11 April
5:30 PM - 7:30 PM (EDT)

Where

Where

Splunk office
7900 Tysons One Pl #1100
McLean, 22102

Venue map

Organizers

  • Rich Galloway

    Mainline RTP

    Splunk Consultant

  • Rutger Thomschutz

    Washington DC User Group Leader

  • Rinaldi Rampen

    Salesforce

    User Group Leader