Gear Up for Boss of the SOC 10 at Splunk GovSummit 2026
Industries Tom SmitKey takeaways
- Boss of the SOC (BOTS) is a team-based cybersecurity competition where participants use Splunk tools to investigate and stop simulated cyberattacks.
- The event will take place a day before Splunk GovSummit on April 7, giving attendees a chance to test their skills, learn new techniques, and compete for bragging rights.
- Anyone with basic cybersecurity or Splunk knowledge can participate, with hints, coaches, and resources available to help teams succeed.
Fresh off the heels of BOTS10 at .conf25, we’re bringing the ultimate security showdown to GovSummit. Want in? Join us at the Marriott Marquis on April 7,1–5 pm, for an afternoon of connections, bragging rights, and, of course, competition fuel!
What is Boss of the SOC?
Boss of the SOC (BOTS) is a blue-team, Jeopardy!-style capture-the-flag (CTF) competition where participants test their skills and knowledge of Splunk security products to avoid a simulated cyberattack. The questions require competitors to understand both Splunk and open source intelligence (OSINT) to think outside the box and come out on top.
What’s the Situation?
The Frothly team has added a hot dog truck to their growing brewery business that's now being targeted by hungry competitors and cybercriminals alike. An attack by the notorious Angry Alpaca group is brewing. Do you have what it takes to stop them in their tracks?
Use Splunk Enterprise, Splunk Enterprise Security, Splunk SOAR, and Attack Analyzer (plus a few other surprises!) to beat the bad guys. True to form, we’ll also have our easter egg questions where anything goes. It’s time to roll up your sleeves and put those investigative skills to work!
Should I Participate?
Yes! If you know a little about Splunk security solutions and general cybersecurity, this activity is for you. Don’t forget to bring your desire to learn something new and have fun. BOTS is a team sport, so bring your crew along for the ride!
You’ll face questions of all difficulty levels, and each one comes with hints. Have no fear! Coaches are onsite to assist if necessary.
How Can I Prepare?
- Register for GovSummit 2026 and look for a follow-up email from the BOTS team to secure your spot.
- Bring a laptop equipped with WiFi and a supported web browser. Note: Government-owned laptops may have trouble connecting to external Splunk instances.
- Review previous BOTS events, workshops, and other security-focused content.
- Check out the “Hunting with Splunk” blog series. Mastering these topics will help you answer BOTS questions faster.
- Take our free training.
Have questions? Please reach out to splunkbots@cisco.com. We can’t wait to see you there!
Related Articles
Using Splunk to Detect Abuse of AWS Permanent and Temporary Credentials
Introducing a New Splunk Add-On for OT Security
