[Register Here ]  This thread is for the Community Office Hours session on  Security: Insider Threats on Wednesday, Feb 18, 2026 at 11 am PT / 2 pm ET. 

Ask the experts at Community Office Hours! An ongoing series where technical Splunk experts answer questions and provide how-to guidance on various Splunk product and use case topics.

What can I ask in this AMA?

• What are the most common insider threats today, and what are the typical indicators associated with them?
• What are the key considerations when detecting and analyzing insider threats?
• What are the best practices for detecting and investigating insider threats using Splunk?
• How can I maximize the use of threat intelligence and contextual insights when investigating insider threats?
• How can I best leverage data from Splunk to understand insider threat trends?
• How can machine learning and AI be used to scale your analytics?
• Can you provide insights on how User and Entity Behavior Analytics (UEBA) helps detect insider threats? How does the risk scoring work?
• Any other questions about the team’s content and resources! 

Please submit your questions at registration. You can also head to the #office-hours user Slack channel to ask questions (sign in with SSO here). 

Pre-submitted questions will be prioritized. After that, we will open the floor up to live Q&A with meeting participants.

Look forward to connecting!