As the types of devices and applications used in IT organizations increase exponentially, scaling the analytics-driven SOC becomes even more imperative. In this session Splunk Professional Services will help you learn from its past experiences architecting Splunk Enterprise Security environments for scale into the terabytes per day. We will share technical details on improvements to search technology and Data Model Acceleration in Splunk Enterprise that will help you increase performance and decrease total cost of ownership. We will also take a deep dive under-the-hood into Splunk Enterprise Security Frameworks in which you should make special considerations for high volume.  Finally, we'll share important metrics on how to monitor the ongoing health of your Enterprise Security deployment, ensuring you stay on track over time, even in periods of rapid growth.

Speaker(s)
Marquis Montgomery, Principal Security Architect, Splunk

Slides PDF link - https://conf.splunk.com/files/2019/slides/SEC2120.pdf?podcast=1577146234