Be the Boss of the SOC with Okta and Splunk

Ever dreamed of being Splunk’s Boss of the SOC (BOTS)? Splunk launched “BOTS Partner Experiences” to let you do that with real-life experiences that expose you to more data sets—especially ones similar to what you might find in your real-world environments. With identity-based attacks becoming the predominant conduit for credential compromises, understanding how to search for relevant identity-related information in your log aggregation solution is vital. For the Okta Partner Experience, you’ll sift through application authentication logs, multi-factor enrollments, server access activities initiated via Okta Advanced Server Access, and a slew of other events. All of these events are sent to Splunk Enterprise, which serves a significant role in cybersecurity monitoring, detection, threat hunting, and general identity management operations and reporting. 

Once you enter the experience with your splunk.com account, you immerse yourself in a day managing the SOC at Coffeecase, a Bay-area startup that markets curated coffee subscription boxes to under-caffeinated consumers worldwide. Coffeecase has a “bad day” on July 28th, 2022, when various exciting adversaries attack them. These adversaries leverage modern identity-based attacks. During this experience, you’ll investigate failed logins, MFA factors, automatic identity lifecycle provisioning functions, Okta sign-on policies at the global and application level, session cookie reuse attacks, and many other realistic pieces of data.

Okta Splunk SOC Experience

Pretty cool, right? Play now to experience the BOTS Okta Partner Experience to get you ready for real-life situations that come your way. 

Learn more about the Okta and Splunk integration here.