Consist wins the world's largest "Boss of the NOC" competition

San Francisco - Kiel – On October 19, 2020 the time had come: At the beginning of Splunk .conf20, the world's largest “Boss of the SOC” (BOTS) and “Boss of the NOC” (BOTN) competition hosted by Splunk started. The security and analytics experts from Consist were not only able to win the “Boss of the NOC” for Europe, but were also first in the global ranking and thus once again at the top of the world. This achievement is also underlined by the second place that the team achieved at this year's “Boss of the SOC” in the AMER region with the most participants.

Three individual four-hour blocks for three time zones were opened over 24 hours. Thanks to the virtual format for the first time, participants from such different areas as Australia (APAC), Austria (Austria / EMEA) and Alberta (AMERICAS) could compete against each other at the same time. The result was 2,160 competitors in 966 teams, which brought the Splunk organization team almost to the limit of its server capacities.

The "Boss of the NOC" is all about IT-Ops scenarios as they can occur in the real life of a network operations center. One has to solve application cases from a wide variety of industries in a limited period of time. The contestants take on the role of analysts who support a managed service provider and several companies with AIOps (Artificial Intelligence for IT Operations). With the help of artificial intelligence (AI), machine learning (ML) and big data, the collected data is analyzed in order to identify problems or anomalies and react appropriately.

New to this year's BOTN (v4) were not only other data sources such as GCP (Google Cloud Platform), AWS (Amazon Web Services) or Zoom, but also so-called "Lightning Rounds" that suddenly popped up in between to simulate real sudden incidents.

With the BOTS, the security analysts were also required to react quickly and confidently. The teams had to deal with a large number of security incidents that occurred in a realistic but fictitious corporate environment. What is special, if not unique, about this Capture-the-Flag competition is the fact that it recreates the life of a security analyst facing an adversary at all stages of an attack.

So that it doesn't even come to those scenarios in real life, Consist consultants and managed services teams prefer to use their excellent Splunk knowledge proactively during operation.