Threat Hunting with SentinelOne: Cloud Workload Protection Platform

This event qualifies for 1.8 CPEs

Visibility into cloud workloads is key to extending threat hunting capabilities and identifying risk within your cloud workloads. For this workshop, we have created a couple of scenarios around containerized workloads where certain behaviors are considered suspicious or malicious.


We have identified that there is a new threat actor group which is targeting containers in Cloud Service Providers (CSPs), and that they are using certain tactics, techniques, and procedures.


In this Capture the Flag workshop, you will assume the role of Threat Hunter:

  • Each Threat Hunter will have access to the SentinelOne management console and our Capture the Flag environment.
  • Each Threat Hunter will be given two missions, and in each mission, there will be a number of Flags (questions), which carry points. Hints are available, but cost points; the players can see the amount of points that a hint will cost them.
  • The winner will be the one who captures the most flags and earns the most points within the allocated time for the event.

We will provide an overview of the SentinelOne console and instructions on how to build queries and pivot into the various artifacts that the queries find. Using these instructions, the threat hunters will be able to answer all the questions contained in the missions.

Relevant Government Agencies

Other Federal Agencies, Federal Government, State & Local Government

This event has no exhibitor/sponsor opportunities

Thu, Jun 1, 2023, 3:00pm - 4:30pm ET

Complimentary:    $ 0.00

Carahsoft Office & Collaboration Center
11493 Sunset Hills Road
Reston, VA 20190
Get directions

Click here to visit event website

Event Sponsors

SentinelOne Government Team at Carahsoft

Contact Event Organizer

Return to search results