Announcing the 2026 National Higher Education Boss of the SOC (BOTS) Winner

On April 15, 2026, teams of cyber defenders from across the country gathered for the annual Boss of the SOC (BOTS) competition — an event proudly sponsored by the North American Splunk‑sponsored Higher Education User Group. Designed specifically for the higher education community, this hands‑on event provided a collaborative forum for universities and research organizations to sharpen their security operations skills while learning alongside peers.

Boss of the SOC is a fast‑paced, blue‑team capture‑the‑flag competition that immerses participants in the role of a security operations center (SOC) analyst. Using the integrated power of Splunk Security, contestants raced against the clock to investigate alerts, analyze data, and respond to realistic security incidents drawn from massive, real‑world datasets—all within a safe, risk‑free environment.

Led by industry specialists and supported by the Higher Education User Group, the event emphasized practical learning, peer engagement, and shared best practices across the higher education security community. Participants tested their investigative instincts and tactical creativity while tackling challenges such as uncovering stealthy adversaries, pivoting across cloud and on‑prem data, and disrupting simulated threat actors like the infamous “Angry Alpaca” group.

Each year, the talent and determination on display continue to impress. The 2026 competition was no exception, showcasing the resilience, speed, and analytical skill of higher education cyber defenders working under pressure—skills that are critical to protecting today’s academic and research environments.

2026 Higher Education BOTS Winners:

• 1st Place Champions: Georgia Tech Research Institute (GTRI)
• 2nd Place: University of Georgia
• 3rd Place: The University of Arizona

Congratulations to our winners and to all participants who dedicated their time and expertise to this event. Your commitment to strengthening cybersecurity across higher education is exactly what the North American Splunk Higher Education User Group was created to support—community‑driven learning, collaboration, and skill development.

Interested in continuing your Boss of the SOC journey? You can play the original BOTS experience at bots.splunk.com, or join us at .conf26 for BOTS 11, debuting in September 2026.