Security Onion Conference (SOC) 2022


Fri Sep 30 2022 at 08:00 am to 05:00 pm


Georgia Cyber Center | Augusta, GA

Join us for the annual Security Onion Conference LIVE in Augusta, GA!
About this Event

What is Security Onion?

Security Onion 2 is a free and open Linux distribution for threat hunting, enterprise security monitoring, and log management. It includes Playbook & Sigma, Fleet & Osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, Zeek, Wazuh, and many other security tools. Security Onion has been downloaded over 2 million times and is being used by security teams around the world to monitor and defend their enterprises. Our easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!

For more about Security Onion, please see:

Why should I attend the Security Onion Conference?

We will have several prominent members of the community giving talks about tools and techniques (see full speaker lineup below). This is your chance to meet with other members of the community, talk about what works and what doesn't, and take your skills to the next level.  

Reserve your seat today!

Please note that NO tickets will be sold at the door.  All attendees must pre-purchase their tickets.

Save the day after Security Onion Con for BSidesAugusta, another great Augusta conference. Tickets for BSidesAugusta or associated training classes can be purchased here.

NOTE: If you already have a ticket to one of the training events at BSidesAugusta 2022, September 26-29, then you already have a ticket for Security Onion Conference 2022! Watch your email for more details.

For more details about the Security Onion Conference, including past conference recordings, please see the Conference page on our website.

Where is the conference being held?

This year's conference is being held at the beautiful Georgia Cyber Center.

The address is:

Hull-McKnight Building

Plug ‘n’ Play Room (Auditorium)

100 Grace Hopper Lane

Augusta, Georgia

Google Maps of Georgia Cyber Center:

Park in the adjacent parking deck. Parking at that deck (and only that deck) is free for attendees. Attendees will be provided one validated parking pass for that deck.

Is there a preferred hotel?

Security Onion Conference uses the same preferred hotels as the BSidesAugusta conference. You can find those here.

What if I'm attending any of the training events 9/26-9/29 associated with BSidesAugusta?

All BSidesAugusta trainings include admission to Security Onion Conference on 9/30 and BSidesAugusta on 10/1. If you registered for any BSidesAugusta trainings, watch your e-mail for more details closer to the date of the conference.

Schedule (Subject to change)

8:00 AM - Doors open; Chick fil-A breakfast

9:00 - Opening Remarks

9:15 - Wes Lambert - Watching the Watchers: Layering Detection and Deception to Defend Visibility

10:15 - Robert Wilson, Alex Galloway, and Jonathan Martin - SOAR, SOC, and Scholars - How UofSC Develops its Security Operations Processes, Staff, and Students

11:00 - Morning Break

11:20 - Josh Brower - Increasing your Situational Awareness with SOC Dashboards

12:00 - Shane's Rib Shack Lunch

1:15 PM - Rhett Greenhagen - Turning Security Onion into an insider threat tool

2:00 - Afternoon Break

2:20 - Chris Sistrunk - Tuning ICS Security Alerts: An Alarm Management Approach

3:15 - Doug Burks - State of the Onion

Light Breakfast (Subject to change)


Chicken Biscuit

Sausage Biscuit

Buttered Biscuit



Orange Juice

Lunch Menu (Subject to change)

Shane's Rib Shack

Chopped Pork and Chopped Chicken

Baked Beans

Green Beans

Peach Cobbler or Banana Pudding

Sweet/Unsweet Tea

What is the registration deadline?

The last day to register for a General Admission ticket is Friday, September 23.

Please note that NO tickets will be sold at the door.  All attendees must pre-purchase their tickets.

Will there be Security Onion training before the Conference this year?

Yes! We are offering Security Onion 2 Fundamentals for Analysts and Administrators, September 26-29, at BSidesAugusta. For more information and a link to register, click here.

What's the refund policy?

You may log into your Eventbrite account and request a refund up until the last day of general ticket sales.  Please use the "Request a Refund" button as shown here:

Is there a discount for students or employees of non-profit companies?

Yes, please contact us using the "Contact Security Onion Solutions LLC" link below, provide the details of your situation, and request the appropriate discount code.

Can I use multiple discount codes?

Sorry, discounts cannot be combined.

What COVID-19 protocols will be in place for the conference?

We will follow the COVID-19 protocols in place for the conference facility on the date of the event. We will post more relevant information as the conference approaches.


Where is it happening?

Georgia Cyber Center, Hull-McKnight Building, Plug ‘n’ Play Room (Auditorium), Augusta, United States

Event Location & Nearby Stays:


USD 99.00

Security Onion Solutions LLC

Host or Publisher Security Onion Solutions LLC

It's more fun with friends. Share with friends