Workshop: Investigating with Splunk
Join Splunk & August Schell for a modular, hands-on workshop designed to familiarize participants with how to investigate incidents using Splunk and open source. This workshop provides users a way to gain experience searching Splunk to answer specific questions related to an investigation. It will also leverage the popular Boss of the SOC (BOTS) data set in a question and answer format. Users will leave with a better understanding of how Splunk can be used to investigate in their enterprise.
During this workshop, we will go through:
- An investigation primer
- An Advanced Persistent Threat (APT) scenario
- A ransomware scenario
Attendees will receive expert guidance from August Schell's Splunk security subject matter expert, Alex Maier. You will learn from Splunkers who have years of experience, not only in Splunk but also in security.
Lastly, this workshop lets participants interact with Splunk and the data set to gain a better understanding of how to answer security questions using Splunk during the 'hands-on time' that's built into the workshop agenda. Based on attack scenarios from Splunk's Boss of the SOC (BOTS), the data collected showcases common security attacks that you may encounter daily.
Speaker and Presenter Information
Alex Maier, Senior Engineer, August Schell
Relevant Government Agencies
Federal Government, State & Local Government
Event Type
Webcast
This event has no exhibitor/sponsor opportunities
When
Tue, Jul 14, 2020, 9:00am - 12:00pm
ET
Cost
Complimentary: $ 0.00
Website
Click here to visit event website
Event Sponsors
Splunk, August Schell
Organizer
Splunk Government Team at Carahsoft