Splunk BOTS V1: Ransomware

Splunk’s Boss of the SOC is essentially a blue-team-oriented capture-the-flag. The yearly competition challenges teams to race through incident response questions for multiple scenarios while leveraging Splunk’s dashboard. Knowledge of SPL (Splunk Search Processing Language) and familiarity with the dashboard are obviously useful. The incidents also require know-how in networking, Windows (specifically Windows Events […]
