Case Study: SAIC achieves a world-class SOC and 80% faster incident detection and remediation with Splunk

A Splunk Case Study

Preview of the SAIC Case Study

SAIC Builds New World-Class Security Operations Center

Science Applications International Corp. (SAIC), a leading technology integrator serving primarily U.S. government customers, needed to build a world-class Security Operations Center (SOC) and Computer Incident Response Team (CIRT) after a corporate split. Although it had many security tools, SAIC lacked a modern SIEM and full visibility across silos, and sought a more mature, agile approach to detect and remediate incidents faster.

SAIC deployed Splunk Enterprise and Splunk Enterprise Security as a single security-intelligence platform, indexing hundreds of gigabytes daily from firewalls, IDS, AV, servers and more to power custom correlation searches, dashboards and shared workflows between SOC and CIRT. The result: improved security posture and operational maturity, comprehensive enterprise visibility, more efficient SOC/CIRT collaboration, and a reduction of more than 80% in incident detection and remediation times, with faster investigations and examples such as rapid malware containment and a 30-day Heartbleed response.



SAIC

Jonathan Jowers

Chief Information Security Officer


Splunk
