Workshop: Investigating with Splunk



Join Splunk & August Schell for a modular, hands-on workshop designed to familiarize participants with how to investigate incidents using Splunk and open source. This workshop provides users a way to gain experience searching Splunk to answer specific questions related to an investigation. It will also leverage the popular Boss of the SOC (BOTS) data set in a question and answer format. Users will leave with a better understanding of how Splunk can be used to investigate in their enterprise.

During this workshop, we will go through:
  • An investigation primer
  • An Advanced Persistent Threat (APT) scenario
  • A ransomware scenario

Attendees will receive expert guidance from August Schell's Splunk security subject matter expert, Alex Maier. You will learn from Splunkers who have years of experience, not only in Splunk but also in security.

Lastly, this workshop lets participants interact with Splunk and the data set to gain a better understanding of how to answer security questions using Splunk during the 'hands-on time' that's built into the workshop agenda. Based on attack scenarios from Splunk's Boss of the SOC (BOTS), the data collected showcases common security attacks that you may encounter daily.

Speaker and Presenter Information

Alex MaierSenior Engineer, August Schell

Relevant Government Agencies

Federal Government, State & Local Government

Members who viewed this event also viewed:


Event Type
Webcast


This event has no exhibitor/sponsor opportunities


When
Tue, Jul 14, 2020, 9:00am - 12:00pm ET


Cost
Complimentary:    $ 0.00


Website
Click here to visit event website


Event Sponsors

Splunk, August Schell


Organizer
Splunk Government Team at Carahsoft


Contact Event Organizer



Return to search results