Skip to main content

About Us

SURGe by Splunk, your trusted advisor for timely security research and guidance

Many organizations often look to Splunk as their first tool to monitor and investigate security incidents. SURGe by Splunk was developed to support security teams during the initial incident review of emerging threats. Made up of Splunk security experts, threat researchers, and advisors, SURGe is your trusted partner and advisor, providing technical response guides and contextual analyses in the form of research papers and webinars. These assets help assess the impact and provide situational awareness for security teams.

Together with SURGe, you can:

  • Supercharge your blue team with security experts and research-based content.
  • Improve operational processes with step-by-step guides.
  • And most importantly, strengthen defenses with an unparalleled, integrated system of security technologies in security analytics, automation, and threat intelligence.

Our Mission

Our mission is to provide appropriate context and timely recommendations on the latest global breaking security news for organizations to navigate incidents with confidence.

How SURGe works

To keep our customers protected, SURGe actively evaluates the latest CISA alerts to determine the level of impact and severity to Splunk customers and the broader security community. Based on our internal rubric scoring and direction from leadership, SURGe will create technical blogs and trusted security research to help organizations stay proactive in securing their business. We also know that it's important to be proactive. To help solve the threats of tomorrow, SURGe will release larger research projects using Splunk’s products and commonly used tools or partners.


Ryan Kovar

Distinguished Security Strategist and leader of SURGe

Ryan joined Splunk in 2014 and currently serves as a distinguished security strategist and leader of SURGe, Splunk’s “Blue-collar for the Blue team” security research arm. With over 20 years of experience as a security analyst, threat hunter, defender and Unix plumber, Ryan loves traveling the world and researching the biggest problems for Splunk’s customers. Prior to joining Splunk, he worked at organizations like DARPA, US Navy, UK Home Office, and a variety of public/private companies, always in a security practitioner or leader role. Ryan has an MSc in Cyber Security from the University of Westminster, more certifications than he remembers, and has an abject hatred of printers.


Tamara Chacon

Security Strategist, SURGe

Tamara was born and raised in Colorado Springs, CO. She graduated from the University of Northern Colorado in Criminal Justice and Anthropology. She is a security strategist on the Splunk SURGe team and is currently based out of Virginia. When she is not working, she loves to play with her wild boxers, golf and cook.


Mick Baccio

Mick fell in love with the idea of cyberspace around nine years old after reading Neuromancer. Before joining Splunk, he was the Chief Information Security Officer at Pete for America, holding the honor of being the first CISO in the history of presidential campaigns, and was also the White House Threat Intelligence Branch Chief in both the Obama and Trump administrations. When not posting pictures of food, cats or Air Jordans to social media, Mick is a Goon at DefCon, and teaches lockpicking.


Marcus LaFerrera

Senior Manager, SURGe

Marcus has been in the security field longer than he'd like to admit. Most of his experience before joining Splunk as a security strategist has been supporting various government agencies. He has done everything from leading SOCs, to building threat hunting teams, to research and development. As an avid open source enthusiast, he has contributed to several projects as well as the lead maintainer on many more. When not modifying his .vimrc or .tmux.conf files, he enjoys family time, hiking, mentoring and craft beer.


Shannon Davis

Global Staff Security Strategist, SURGe

Shannon hails from Melbourne, Australia. Originally from Seattle, Washington, he has worked in a number of roles: a video game tester at Nintendo (Yoshi's Island broke his spirit), a hardware tester at Microsoft (handhelds have come a long way since then), a Windows NT admin for an early security startup and one of the first Internet broadcast companies, along with security roles for companies including Juniper and Cisco. Shannon enjoys getting outdoors for hikes and traveling.


Audra Streetman

Security Strategist, SURGe

Before arriving at Splunk, Audra worked as a reporter, producer and news anchor at local TV stations in Indiana, California, Kentucky and Colorado. As a journalist, she covered several major cybersecurity stories including SolarWinds and ransomware attacks targeting Colonial Pipeline, JBS and Kaseya. In her free time, she enjoys hiking and skiing in the Colorado Rockies.


Johan Bjerke

Principal Security Strategist

Johan works for SURGe and is based in Stockholm, Sweden. He is a researcher and contributor to Splunk’s security Rapid Response events, is the lead developer for Splunk Security Essentials — the most popular app on Splunkbase — and is an active contributor to the global Splunk and security communities. Johan is also chairing the Splunk Security SME community group in EMEA.


Kelcie Bourne

Security Strategist, SURGe

Kelcie currently calls Melbourne, Australia, home. Her passion for cybersecurity really began with a childhood dream of one day becoming a spy, but her journey professionally began originally as an SE in the commercial patch in Australia. Here, she dealt mostly with customers building out their security posture and developing security maturity. Prior to this, Kelcie has a background across different domains in data science. As part of SURGe, Kelcie supports their security research efforts across APAC and globally. Music, climbing, running and always discovering new hobbies play a large part in her personal life outside of work.


David Bianco

Staff Security Strategist

David has been involved in information security for more than 20 years, working with Fortune 500 companies, Wall Street firms, public utilities and major universities on incident detection and response. He credits his early focus on network security with honing his skills in extracting the most information possible from just the network data, before moving ahead to other areas.


Ryan Fetterman

Technical Staff Security Strategist

Ryan joined the SURGe team after a decade spent in windowless basements conducting government research and consulting. Ryan holds doctorate and masters degrees from George Washington University, and a cybersecurity undergraduate degree from Penn State University. He sometimes holds controversial opinions, like “you don’t need machine learning for that.”