We introduced a new security activity at .conf2016 called “Boss of the SOC” (or BOTS), born from our belief that learning can be both realistic and fun.
Wondering how to find the baddies in huge volumes of data? Work with Splunk and Windows Event Log monitoring, and refer to the table of event codes in the NSA paper.