Announcing the 2026 National Higher Education Boss of the SOC (BOTS) Winner
Industries Tom SmitKey takeaways
- The 2026 Boss of the SOC competition brought together higher education cybersecurity teams to practice real-world threat detection and response using Splunk Security tools.
- Participants worked through hands-on challenges that tested their ability to investigate attacks, analyze data, and respond quickly under pressure.
- The event highlighted the importance of collaboration, skill-building, and community learning in strengthening cybersecurity across colleges and universities.
On April 15, 2026, teams of cyber defenders from across the country gathered for the annual Boss of the SOC (BOTS) competition — an event proudly sponsored by the North American Splunk‑sponsored Higher Education User Group. Designed specifically for the higher education community, this hands‑on event provided a collaborative forum for universities and research organizations to sharpen their security operations skills while learning alongside peers.
Boss of the SOC is a fast‑paced, blue‑team capture‑the‑flag competition that immerses participants in the role of a security operations center (SOC) analyst. Using the integrated power of Splunk Security, contestants raced against the clock to investigate alerts, analyze data, and respond to realistic security incidents drawn from massive, real‑world datasets—all within a safe, risk‑free environment.
Led by industry specialists and supported by the Higher Education User Group, the event emphasized practical learning, peer engagement, and shared best practices across the higher education security community. Participants tested their investigative instincts and tactical creativity while tackling challenges such as uncovering stealthy adversaries, pivoting across cloud and on‑prem data, and disrupting simulated threat actors like the infamous “Angry Alpaca” group.
Each year, the talent and determination on display continue to impress. The 2026 competition was no exception, showcasing the resilience, speed, and analytical skill of higher education cyber defenders working under pressure—skills that are critical to protecting today’s academic and research environments.
2026 Higher Education BOTS Winners:
- 1st Place Champions: Georgia Tech Research Institute (GTRI)
- 2nd Place: University of Georgia
- 3rd Place: The University of Arizona
Congratulations to our winners and to all participants who dedicated their time and expertise to this event. Your commitment to strengthening cybersecurity across higher education is exactly what the North American Splunk Higher Education User Group was created to support—community‑driven learning, collaboration, and skill development.
Interested in continuing your Boss of the SOC journey? You can play the original BOTS experience at bots.splunk.com, or join us at .conf26 for BOTS 11, debuting in September 2026.
Related Articles
Enhancing SOC Efficiency with OCSF & Splunk Enterprise Security
Splunk Security Content for Impact Assessment of CrowdStrike Windows Outage
