Investigating with Splunk is a modular, hands-on workshop designed to familiarize participants with how to investigate incidents using Splunk and open source. This workshop provides users a way to gain experience searching in Splunk to answer specific questions related to an investigation. These questions are similar to what would be asked in their own organizations.
The workshop leverages the popular Boss of the SOC (BOTS) dataset in a question and answer format. Users will leave with a better understanding of how Splunk can be used to investigate in their enterprise. Requirements: Each attendee must bring their own laptop.
This workshop is hands-on and each user will need access to a modern web browser with Internet connectivity. Splunk will provide a cloud environment where the Splunk software and data will reside.What you can expect:
- ***Expert guidance from Splunk security subject matter experts
- ***Learn from GuidePoint Security engineers who have years of experience, not only in Splunk, but also in security
- ***Real World Data - Based on attack scenarios from Splunk's Boss of the SOC, the data collected showcases common security attacks that you may encounter on a daily basis
- ***Hand-On Time - Participants will have time during the workshop to interact with GuidePoint and the data set to gain a better understanding on how to answer security questions using Splunk
Please sign up today as seats are limited to make this a fully interactive experience.
Date & Time
Tuesday, May 17, 2022
9:30 a.m. — 3:00 p.m. ET
The Westin Atlanta Perimeter North
7 Concourse Parkway NE
Atlanta, GA 30328