Identify and Prioritize Your Cybersecurity Defenses

What is a use case


Discovers and catalogs security detection rules for your organization.

Prioritizes these security use cases (early maturity/highest value to later maturity).

Analyzes and documents the data sources required to build those detection rules.

The result is a prescriptive path to mature your organization’s cyber defense program.

of the Use Case

Security advice providing a roadmap that outlines which security events to build detections for.

Prioritization of these use cases.

Gap analysis based upon the security use cases selected, recognizing gaps in your organization's security posture.

Recommendations tied to the number of use cases that your Security Operations Center team can realistically respond to.

Log and data sources required to enable these detection rules.

Proper sizing of SIEM licensing, so license acquisition is neither under-scoped nor over-scoped.

Assistance with sizing the infrastructure required for any Splunk deployment. The required infrastructure depends on the number of correlation searches running in your SIEM, which in turn depends on the use cases that feed those correlation searches.

On-point estimation for implementation or expansion of your SIEM. Detailed requirements guide project estimation, and vary from organization to organization as determined by:

Secondary Benefits of the Security Use Case

See How a Security Use Case Workshop Will Benefit Your Organization.