Threat Hunting with Splunk 2020 CTF

With @sambowne, @djhardb, @KaitlynGuru, and @infosecirvin.

Final Scores from GRAYHAT 2020

       

Splunk Boss of the SOC

Introduction

Level 1: Finding Attack Servers (35 pts)

Level 2: Identifying Threat Actors (50 pts)

Level 3: Sysmon and Splunk Stream (50 pts)

Level 4: Analyzing a Ransomware Attack (180 pts)

Resources

Free Course from Splunk

Network Security Monitoring Class

Incident Response Class
Updated for GRAYHAT 10-30-20