A Splunk Case Study
The University of Texas at Austin, a large state research university with a 350‑acre campus and up to 120,000 connected devices, faced the challenge of securing a highly distributed network without the rigidity of a traditional SIEM. Its Information Security Office needed a flexible way to correlate network and system logs across nearly 200 buildings and many departmental units to move from reactive monitoring to proactive threat detection.
UT Austin deployed Splunk Enterprise with distributed forwarders, a robust search infrastructure and ecosystem apps for anomaly and geolocation detection, enabling fast correlation of diverse log sources. The result: searches that once took 10 minutes now run in seconds; automated malware detection and faster signature deployment; containment of incidents like the Flashback Trojan; dozens of campus instances; and hundreds of analyst hours saved, all while improving overall security posture and reducing organizational risk.
Cam Beasley
CISO, Information Security Office, University of Texas, Austin