DATEV provides information services to ~2.5 million payrolling, accounting, and tax clients. Given the sensitivity of the personal and financial data that our clients process, DATAEV decided to establish a SOC to secure our clients' information, and we put Splunk at the core of its operations. In this session we will discuss four key elements relevant to building a successful SOC with Splunk. We'll first discuss how we formed our SOC and orchestrated its activities internally. We'll then discuss how we use MITRE's ATT&CK™ framework to prioritize activities, how we spread our SOC's security knowledge to all relevant groups at DATEV, and how we use Splunk to create real-time situational awareness for different SOC customers, for stakeholders, and for management.

Speaker(s)
Sebastian Schmerl, Head of Cyber Defense, Computacenter
Christian Heger, SOC Architect / Technical Head of SOC & Analyst, DATEV eG

Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC1411.pdf?podcast=1577146248

Product: Splunk Enterprise, Splunk Business Flow
Track: Security, Compliance and Fraud
Level: Good for all skill levels