Event Date: July 14, 2020
Hosted By: Splunk, August Schell & Carahsoft
Attendees joined Splunk & August Schell for a modular, hands-on workshop designed to familiarize participants with how to investigate incidents using Splunk and open source. This workshop provided users a way to gain experience searching Splunk to answer specific questions related to an investigation. It also leveraged the popular Boss of the SOC (BOTS) data set in a question and answer format. Users left with a better understanding of how Splunk can be used to investigate in their enterprise.
During this workshop, we went through:
An investigation primer
An Advanced Persistent Threat (APT) scenario
A ransomware scenario
Attendees received expert guidance from August Schell's Splunk security subject matter expert, Alex Maier. They learned from Splunkers who have years of experience, not only in Splunk but also in security.
Lastly, during the 'hands-on time' built into the workshop agenda, participants interacted with Splunk and the data set to gain a better understanding of how to answer security questions using Splunk. The data was based on attack scenarios from Splunk's Boss of the SOC (BOTS) and showcased common security attacks that you may encounter daily.