Ryan Kovar

NY. AZ. Navy. SOCA. KBMG. DARPA. Splunk.

Security 3 Min Read

What You Need to Know About Boss of the SOC

We introduced a new security activity at .conf2016 called “Boss of the SOC” (or BOTS), born from our belief that learning can be both realistic and fun.
Security 3 Min Read

Lookup Before You Go-Go...Hunting

How to use the Lookup command in Splunk to compare IOCs or other items of interest against your Splunk dataset
Tips & Tricks 3 Min Read

HellsBells, Let's Hunt PowerShells!

Learn some methods for hunting and detecting PowerShells no matter the "methodology"
Tips & Tricks 3 Min Read

101 things the mainstream media doesn’t want you to know about PowerShell logging*

Go beyond the PowerPoint and learn to detect maliciousness in PowerShell by using Splunk.
Tips & Tricks 5 Min Read

Spotting the Adversary… with Splunk

Wondering how to find the baddies in huge volumes of data? Work with Splunk and Windows Event Log monitoring, and refer to the table of event codes in the NSA paper.