Have You Seen My Domain Controller?
Windows clients expose Active Directory DNS queries on public Wi-Fi, risking OSINT and credential leaks. Learn from Cisco Live SOC observations how to protect clients with VPNs .
Cisco Breach Protection
Splunk in Action: From SPL to PCAP
Learn how Cisco Live SOC uses Splunk SPL and Endace PCAP to investigate exposed HTTP authentication and Kerberos activity, securing sensitive data on public Wi-Fi networks.
Cisco Live Melbourne 2025 SOC
Cisco Security and Splunk protected Cisco Live Melbourne 2025 in the Security Operations Centre. Learn about the latest innovations for the SOC of the Future.
Cisco Live Melbourne Case Study: Cisco Live TMC Experience and DDoS
Explore a Cisco TME's experience in the Cisco Live SOC, detailing efficient onboarding, incident escalation, and a real-world DDoS attack investigation and response.
In Splunk, Empty Fields May Not Be Null
Splunk's coalesce function treats empty fields as non-null. Learn to use Splunk macros to convert empty strings to nulls for accurate data selection and reliable detections.
Firewall and Splunk ESCU Integration at the Cisco Live Melbourne SOC
Cisco Live SOC adapted Splunk ESCU detections for Cisco Secure Firewall syslog. Learn to modify macros and promote EVE events to incidents for enhanced threat visibility and response.
Beyond the First Clue: XDR Forensics at Cisco Live Melbourne 2025
SOC teams need more evidence for deep investigations. Learn how Cisco XDR Forensics provides rich, interactive data to trace complex attacks and uncover malicious content.
Hunting Compromised Credentials in Real Time: Integrating StealthMole With Cisco XDR at Cisco Live Melbourne
Learn how Cisco XDR integrates with StealthMole for real-time dark web threat intelligence, enabling SOC teams to rapidly identify and respond to compromised credentials.
Cisco Live Melbourne Case Study: Investigation Into a High Traffic Spike
Learn how Cisco XDR, Splunk, and Firewall were used at Cisco Live Melbourne to rapidly investigate and resolve a malicious traffic spike incident on attendee Wi-Fi.