By Derek King July 02, 2019
Oh, SplunkLive! London... you take twelve months to arrive and yet you’re gone in a heartbeat! To help with my withdrawal symptoms of the biggest UK event of the year, I wanted to share some of my security highlights:
The Community
For me personally, there were a lot of highs throughout the day (and activities the evening before). These have to be some of my best days here at Splunk so far as it brought together so many folks from the Security community, and I’m a big believer that we play our best game when we work together. Here’s a look at the Security community coming together and have some ‘Splunking fun’, in the MITRE ATT&CK breakout session.
Almighty MITRE ATT&CK
I was honoured to share some thoughts on cyber, and excited to see how the ATT&CK framework is coming to life for the good of cyber defence superheroes. It was exciting to hear about how the ATT&CK framework is being used across organisations – such a wealth of knowledge being shared in one concentrated area! If you didn’t make it ‘live’ (pun intended) you can check out the slides here.
BOTS
BOTS, BOTS, BOTS everywhere! So much defender know-how gathered together in a concentrated area (a floor of London’s InterContinetal O2 with a pretty amazing view) the evening before the main event. The purpose of attending this gathering of amazing security minds, is not to come together to share ideas and knowledge, but to test your metal against the rest of the community. This year’s Boss of The SOC (BOTS) saw 40 teams fighting it out for nearly four hours, threat hunting in what has become one of the industry’s most talked about and desired ‘capture the flag’ type competitions. Where else can you drink beer, listen to a live DJ, go APT hunting with friends, and throw daggers at the competition? Proverbial daggers of course - that wouldn’t help grow our community of experts, now would it?
I’d like to congratulate the team at Meggitt for winning the competition, and for everyone who competed. The atmosphere was brilliant, the competition tough, and I know speaking to teams afterwards that the desire to come back for a rematch is on! Lots of teams have vowed to hone their skills over the next twelve months - watch out Meggitt – they’re coming for you!
If you were one of the teams that competed this year and want to know where you finished just reach out on twitter (@network_slayer) and all will be revealed. If, however, you went all ‘GDPR on me’ then you’ve kind of burnt your bridges I’m afraid. Come back next year and tell the world who you are!
Until Then.
Derek