Extend your ability to safeguard sensitive information, achieve regulatory compliance, and mitigate risk with endpoint data loss prevention (DLP) and email DLP.

A new analyst shares their Cisco Live SOC experience, covering quick onboarding, using Cisco XDR and Endace for incident investigation, and building confidence in threat response.

Windows clients expose Active Directory DNS queries on public Wi-Fi, risking OSINT and credential leaks. Learn from Cisco Live SOC observations how to protect clients with VPNs .

Learn how Cisco Live SOC uses Splunk SPL and Endace PCAP to investigate exposed HTTP authentication and Kerberos activity, securing sensitive data on public Wi-Fi networks.

Cisco Security and Splunk protected Cisco Live Melbourne 2025 in the Security Operations Centre. Learn about the latest innovations for the SOC of the Future.

Explore a Cisco TME's experience in the Cisco Live SOC, detailing efficient onboarding, incident escalation, and a real-world DDoS attack investigation and response.

Splunk's coalesce function treats empty fields as non-null. Learn to use Splunk macros to convert empty strings to nulls for accurate data selection and reliable detections.

Cisco Live SOC adapted Splunk ESCU detections for Cisco Secure Firewall syslog. Learn to modify macros and promote EVE events to incidents for enhanced threat visibility and response.

Recap Cisco Live Melbourne SOC tours: See how Cisco XDR and Splunk Enterprise Security integrate for rapid threat containment, enhanced visibility, and analyst empowerment.

Learn how Cisco XDR, Splunk, and Firewall were used at Cisco Live Melbourne to rapidly investigate and resolve a malicious traffic spike incident on attendee Wi-Fi.

Cisco Security and Splunk secured the GovWare 2025 network in the Security Operations Centre. Learn about the latest innovations for the SOC of the Future.

At GovWare 2025, the team leveraged Splunk Attack Analyzer's API to connect to Endace.

During GovWare, Cisco XDR detected 39 incidents. The SOC team conducted analysis and response actions, and reported critical incidents to the GovWare NOC.

At GovWare 2025, the SOC team combined ES with Splunk SOAR to fully automate and track the incident response process.

Cisco provided a splash page for GovWare 2025, a click-through captive portal. Learn how the team did it.

Learn about the "SOC in a Box" hardware refresh the team deployed for GovWare 2025.

At GovWare 2025, the SOC team observed ECH activity. Learn more about this and how it impacted security.

At GovWare, we showcased a proof of concept built on Cisco's Foundation AI model on Hugging Face.

Secure Access served as the primary method of securing DNS-layer traffic for the GovWare 2025 Security Operations Centre (SOC).