Intro to Splunk for Security Professionals (CLASS)

Presented at BSidesDC 2017, Oct. 7, 2017, 8 a.m. (240 minutes).

This entry-level, hands-on training will introduce students to Splunk in the context of everyday information-security tasks. We’ll understand what Splunk is (and what it isn’t), go over architecture and deployment scenarios, and take a bird’s-eye view of how Splunk works behind the scenes. We’ll review the Search Processing Language and use it for basic querying of large datasets, as we investigate suspicious account and machine activities. We’ll then dive into more complex searches and create interesting queries, reports, dashboards, and alerts, all applicable to investigations, monitoring, and incident response.


Presenters:

  • Aelon Porat
    Aelon Porat is an information security manager at Cision. He has extensive experience attacking and defending corporate environments. He likes to jump inside networks and out of planes.
