Ever wonder how Splunk uses its own tools in its SOC? Come to our next event to hear directly from a Splunk SOC Incident Handler on:
• How Splunk's SOC analysts leverage Splunk products internally at each phase of IR.
• How and why Splunk's SOC aligns use cases with MITRE ATT&CK, and how they get value out of that.
• How they leverage Risk Based Alerting to reduce the total number of risk events to a digestible number of actionable alerts per day.
• Splunk as a source of metrics, and 3 levels of metrics dashboards, from high-level consumption to granular SOC performance metrics.
Splunk
Senior Cyber Security Incident Handler
Tuesday, April 11, 2023
9:30 PM – 11:30 PM UTC
Splunk
Splunk Consultant
Washington DC User Group Leader
Salesforce
User Group Leader