Open Source BOSS of the SOC dataset, questions and answers

Register for VIP Access

All Fields are required *

BOTS 2.0

Want to run, play or explore BOTS on your own? Just fill out the form. We know “another form”, but we promise it’s worth it and you’ll have access to (almost) everything from BOTS 2.0!

What is BOTS?

BOTS is a jeopardy-style, capture-the-flague-esque (CTF) competition in which participants use Splunk—and other tools—to answer a variety of questions about realistic security incidents within an enterprise environment. Need more clarification about BOTS? Read this blog.

Last year we released BOTS 1.0 data, scoring server and questions under an open source license. Now we are excited to offer BOTS 2.0 dataset and related materials in the same way!

The Cool Part (A.K.A: Why should you care?)

You can use BOTS 2.0 open source data for a variety of things, such as, to perform analysis on adversary actions, to test searches and refine detection methods, or (maybe most obvious) training!

You’ll basically have VIP access — who doesn’t like that? — to the BOTS 2.0 dataset in pre-indexed form, along with questions and answers! Meaning: you can run your very own Boss of the SOC competitions for fun or training using much of the same technology and data that we used for BOTS 2.0.