Threat Hunting with Splunk

Presented at SAINTCON 2019, Oct. 23, 2019, 8 a.m. (240 minutes)

**Training is limited to 40 people. Training is first come, first served!!!** Practice red and blue team skills in this fun, CTF-style workshop. Attendees will configure free Linux servers in the Google cloud to detect intrusions using Suricata, log files, and Splunk, and attack them with a Linux cloud server using Metasploit, Ruby, and Python scripts. They will also use Splunk to analyze ransomware and brute-force attacks and perform attribution, using archived event data from a realistic multi-server Windows corporate domain. All workshop materials are freely available on the Web, and will remain available after the workshop. All required software and cloud resources are free to use.

Presenters:

  • Sam Bowne - CCSF
    Sam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks and hands-on trainings at DEF CON, DEF CON China, HOPE, BSidesSF, BSidesLV, RSA, and many conferences and colleges.
    Formal education: B.S. and Ph.D. in Physics.
    Industry credentials:
    Infosec: CISSP, Certified Ethical Hacker, Security+, Defcon Black Badge, Splunk Core Certified User
    Networking: Network+, Certified Fiber Optic Technician, HE IPv6 Sage, CCENT, IPv6 Forum Silver & Gold, Juniper JN0-101, Wireshark WCNA
    Microsoft: MCP, MCDST, MCTS: Vista
