Security Workshops
Security Workshops
Premium Workshops Designed by SP6 Engineers
A Defined Path Toward Maturing Your Cyber Defense Program
Security workshops allow your organization to identify and prioritize your cybersecurity defenses. At SP6, these professional services were uniquely developed by our in-house Splunk engineers. Each workshop has capabilities to target projects with a singular goal or pinpoint objectives that contribute to overall improved security posture.
SP6 security workshops allow you to discover and catalog security detection rules for your organization, prioritize these security use cases based on maturity, and analyze and document the data sources required to build detection rules. The result? Your organization can look forward to leveraging a defined path toward maturing your cyber defense program.
Four Objective-Driven Premium Workshops to Kickstart the Process
Security Use Case Workshop
Receive a comprehensive, MITRE ATT&CK-based roadmap for building security event detections and prioritizing use cases.
SIEM Replacement Workshop
Receive a detailed deployment plan for replacing an older SIEM with Splunk Enterprise Security.
Security Maturity Workshop
Receive a complete review of your entire security environment, followed by a prioritized remediation plan.
Architecture Development Workshop
Receive expert guidance on how to efficiently deploy Splunk in a complex environment.
Benefits to Your Organization
- Receive security advice that outlines what detections to build based on key security events.
- Prioritize use cases based on your unique security roadmap.
- Perform a gap analysis based on the security use cases selected, identifying gaps in your organization’s security posture.
- Utilize recommendations related to the number of use cases that your security operations center team can realistically intake.
- Log data sources required to enable your personalized detection rules.
- Tailor your organization’s SIEM licensing so acquisition is neither under-scoped nor over-scoped.
- Receive assistance with sizing of the infrastructure required for any Splunk deployment.
- – NOTE: The required infrastructure is dependent upon the number of correlation searches occurring in your SIEM, which in turn are dependent upon the use cases that feed those correlation searches.
- Estimate implementation or expansion of your SIEM precisely.
– NOTE: Detailed requirements guide project estimation and vary from organization to organization as determined by:- The number of detection rules selected
- Data sources that these detection rules are dependent upon
- Amount of custom versus out-of-the-box security use cases
- Several other factors
