Investigating with Splunk, Part 1
Get a head start acquiring the skills you’ll use in the Immersion Boss of the SOC (BOTS) Capture-The-Flag — or come just to learn popular tools and techniques used in a security operations center — with Splunk staff security strategist Lily Lee and Splunk principal security strategist and co-creator of BOTS Dave Herrald.
Splunk is designated as a leader in Gartner’s 2020 Magic Quadrant for Security Information and Event Management (SIEM), with thousands of organizations worldwide using Splunk for security monitoring, advanced threat detection, incident investigation and forensics, incident response, SOC automation and a wide range of security analytics and operations use cases.
Investigating with Splunk is a hands-on workshop designed to familiarize participants with how to investigate incidents using Splunk and open source tools. This workshop provides experience searching in Splunk to answer specific questions similar to what would be asked in an investigation.
Dave Herrald is a technical information security professional with over 20 years of security and IT experience in the software, payments, and broadcast media industries. He currently works as a principal security strategist at Splunk, where he focuses on the Splunk Boss of the SOC (BOTS), performing research into adversary simulation for blue teams, training technical security teams around the globe, and helping Splunk customers implement advanced security use cases. Dave has worked in various information security roles, including pre-sales engineer, strategic security consultant, penetration tester, hands-on security architect/engineer/analyst, and chief information security officer. Dave holds many security certifications, including GIAC Security Expert (GSE) #79.
Lily Lee has over 10 years of experience working with Fortune 500 companies and government agencies, operationalizing their IT and security data sources to gain insight and mitigate threats. In her current role as security strategist at Splunk, she plays a key role in driving Splunk’s security growth and go-to-market strategy. Lily holds a B.S. in computer science as well as numerous security and IT certifications, and has presented at several industry conferences.