Security Operations Center (SOC)
GovWare 2025 Security Operations Centre
5 min read
Cisco Security and Splunk secured the GovWare 2025 network in the Security Operations Centre. Learn about the latest innovations for the SOC of the Future.
From Detection to Deep Dive: Splunk Attack Analyzer and Endace for GovWare 2025 Security
5 min read
At GovWare 2025, the team leveraged Splunk Attack Analyzer's API to connect to Endace.
Unmasking Attacks With Cisco XDR at the GovWare SOC
4 min read
During GovWare, Cisco XDR detected 39 incidents. The SOC team conducted analysis and response actions, and reported critical incidents to the GovWare NOC.
Splunk SOAR in Action at the GovWare: Zero-Touch Clear Text Password Response
3 min read
At GovWare 2025, the SOC team combined ES with Splunk SOAR to fully automate and track the incident response process.
GovWare Captive Portal: (Splash Page)
5 min read
Cisco provided a splash page for GovWare 2025, a click-through captive portal. Learn how the team did it.
SOC in a Box Hardware Refresh
3 min read
Learn about the "SOC in a Box" hardware refresh the team deployed for GovWare 2025.
Monitoring Encrypted Client Hello (ECH) With Cisco Secure Firewall
4 min read
At GovWare 2025, the SOC team observed ECH activity. Learn more about this and how it impacted security.
Cisco XDR Agentic AI With Cisco’s Foundational AI Model
3 min read
At GovWare, we showcased a proof of concept built on Cisco's Foundation AI model on Hugging Face.
Hunting the Suspicious Network Activity at GovWare 2025 Using Splunk
3 min read
Learn how the SOC team conducted threat hunts using Splunk at GovWare.