Threat Hunting with Splunk Workshop: Difference between revisions

From HOPE Wiki

Revision as of 15:58, 16 July 2022

Threat Hunting with Splunk workshop

This workshop will be given:
   Day 2: Saturday, 23-July-2022, 10:00am - 1:00pm, Workshop B (D'Angelo 306) -- VIRTUAL

NOTE: You do NOT need to register to take this workshop -- please show up early to ensure a seat at Workshop B (D'Angelo 306).


Abstract

NOTE: THIS IS A VIRTUAL WORKSHOP, but it takes place live at A New HOPE.

Splunk is "Google for log data" and it is the leader in network security monitoring. Learn how to find attackers, identify malware, and attribute attackers to real-world APT groups. We will use cloud servers running the free version of Splunk, with open-source network data from Splunk's "Boss of the SOC" contest. This workshop is structured as a CTF, so each participant can proceed at their own pace. The techniques will be briefly demonstrated, and we will provide tips and help as needed to make sure everyone is able to solve at least some of the challenges. Participants need only a computer with a Web browser.


Presenter(s)

presenter name(s) go here


Full Description

full description text goes here


Registration -- NOT required

You do not need to register in advance to take this workshop -- just show up early to ensure a seat.


Required Software

any required software goes here


Links

any links go here