Security Journey


If you are working out how to build a security monitoring practice on Splunk, it helps to consult a guide. Many resources are available for building a SOC, a SIEM, or a monitoring practice, and this guide will point you to a few.


Security Data Journey

Splunk’s security experts analyzed a typical path that Splunk customers take through their Splunk Journey and formed it into six maturity stages. These will help you understand what data to ingest when, and what challenges and milestones are typically faced as organizations move forward.

  1. The Security Data Journey walks you through the path that we typically see newer customers take as they mature. It details each stage with milestones and common challenges.

  2. The Journey also includes the data sources that we commonly see at each stage of the journey for users pursuing Security Monitoring.

  3. Drag the slider-bar on the right side to view the details for other stages of the Journey.

  4. All of the content in Splunk Security Essentials is oriented towards this journey, so if you’re just getting started, you can limit yourself to Stage one.

Other Recommendations

Gartner: How to Plan, Design, Operate and Evolve a SOC

Book: Crafting the InfoSec Playbook

MITRE: Ten Strategies of a World-Class Cybersecurity Operations Center

.conf Preso: Maturing Workday’s SOC with Splunk

Gartner: The Five Characteristics of an Intelligence Driven Security Operations Center

.conf Preso: Exploring the Frameworks of Splunk Enterprise Security

CSIS: Recruiting and Retaining Cybersecurity Ninjas

Splunk: Building a SOC with Splunk
