Blue Team

Splunk’s Boss of the SOC is essentially a blue-team oriented capture-the-flag. The yearly competition challenges teams to race through incident response questions for multiple scenarios while leveraging Splunk’s dashboard. Knowledge of SPL (Splunk Search Processing Language) and usage of their dashboard is obviously useful. The incidents also necessitate know-how in networking, Windows (specifically Windows Events […]