Intro to Splunk for Security Professionals (CLASS)

Presented at BSidesDC 2017, Oct. 7, 2017, 8 a.m. (240 minutes)

This entry-level, hands-on training will introduce students to Splunk in the context of everyday information-security tasks. We'll understand what Splunk is (and what it isn’t), go over architecture and deployment scenarios, and take a bird eye’s view of how Splunk works behind the scenes. We’ll review the Search Processing Language and use it for basic querying of large datasets, as we investigate suspicious account and machine activities. We’ll then dive into more complex searches and create interesting queries, reports, dashboards, and alerts, all applicable to investigations, monitoring, and incident response.


Presenters:

  • Aelon Porat
    Aelon Porat is an information security manager at Cision. He has extensive experience attacking and defending corporate environments. He likes to jump inside networks and out of planes.

Links:

Similar Presentations: