I Scream, You Scream, We All Scream For BOTS!

We are excited to announce our August Boss of the SOC (BOTS) V event!!!

After our global debut of Boss of the SOC (BOTS) V in October at Splunk .conf 2020, we’ve spent the last few months tweaking and tuning to get ready to bring BOTS V to the world... And to quote BOTSFather Ryan Kovar:

“It’s free to play! Free, Free, Free! Free like beer! Not like puppies!”

What’s new in BOTS V? I’m glad you asked. This year, we find our favorite brewery, Frothly, converting to a remote model and embracing the cloud for ‘all the things!’ 

Additionally, new experiences for players, including a new scoring server, new scenarios, and new stego questions are introduced. 

Not sure where to start? That’s ok, we have six new scenarios for you to play. Perhaps you want to see how Splunk Enterprise Security can be utilized. We have a scenario solely on using Enterprise Security. Perhaps you are dipping a toe into Kubernetes (K8S), we’ve got one of those. Looking to work with CloudTrail and other Amazon Web Services (AWS) solutions? There is a scenario on just AWS! We also realize a lot of organizations have remote work initiatives, so we’ve included a Remote Work (RWI) scenario. Our customer favorite APT scenario is back as well — detailing an attack by our favorite adversary Violent Memmes. Are you looking to move infrastructure to Google Cloud (GCP)? Frothly has a supplier who just did that too! We can see what they uncovered! Speaking of that GCP scenario, if anyone can explain the difference between a toad and a frog hit me up.


So what are the details? This BOTS event is set to kick off on Thursday, August 5th, 2021 at 3:00 PM Eastern, 12:00 PM Pacific. Registration is currently open and we’re accepting teams of 1-4 players at the Splunk BOTS website. If you are looking for a team the best place to go is over to our Discord server or reach out to your network on Twitter. It is critical that each player on your team registers.

More Information

Looking for  more tips on Boss of the SOC? Don’t forget our handy dandy blog series, "Hunting with Splunk: The Basics,” which was inspired by the questions customers have asked at BOTS events all over the world!

Good Luck! And may the odds be ever in your favor.

P.S. Be sure to check out BOTS VI at .conf 21!

Tom Smit
Posted by

Tom Smit

Tom Smit is a Principal Security Strategist at Splunk and has been a Splunker for eight years. He is active at Splunk as a voice for security, is a strong advocate of security workshops, sharing his experience, and bringing Splunk and security together for customers. During his time at Splunk he has been involved with content creation of Boss of the SOC v3, v4, v5, and head the v6 and v7 programs. Before joining Splunk, Tom held sales engineering, professional services, and product roles at Symantec, Mimecast, Raytheon, and Core Security.

Show All Tags
Show Less Tags