Welcome to the Splunk Security Ninja Workshop Series. These 4-hour, hands-on security workshops are brought to you by the Splunk team via Zoom. Learn, connect & interact with Splunk subject matter experts, colleagues and industry peers, and have some fun on the way! Virtual hands-on workshops are a convenient, interactive way to build your Splunk security skills and knowledge – from the comfort of your work or home office.
If you register for one of our sessions, please add events@splunk.com as a safe sender in your email to ensure you receive our confirmation email and joining details.
We welcome you to join us for one, a few or all of our workshops in this series.
Hungry for more Splunk hands-on workshops? Check out our Splunk4Rookies & Splunk4Rookies Observability programme.
Just you, your laptop, and a browser that can access external websites. You will also need a splunk.com account to access the workshop environment (create an account here). We run these workshops on Zoom; if you don’t have the Zoom client on your device, you will be able to join via a web browser.
The Security Products Hands-On is a modular, hands-on workshop designed to familiarize participants with how to investigate incidents using Splunk Enterprise, Enterprise Security, UBA and Phantom. This workshop provides users an opportunity to walk through multiple scenarios and see first-hand how Splunk Security Products can be used to take notable events and investigate, hunt and orchestrate actions based on what is uncovered. The workshop leverages the popular Boss of the SOC (BOTS) dataset and is laid out in an interactive format. Users will leave with a better understanding of how Splunk, Enterprise Security, UBA and Phantom can be used within security operations to process notable events and investigate as they occur in the enterprise.
Dates/Times: Thursday, 8th June | 9:30 - 13:30 BST / 10:30 - 14:30 CEST
Enterprise Security Hands-On is a modular, hands-on workshop designed to familiarize participants with how to investigate incidents using Splunk Enterprise and Splunk Enterprise Security. This workshop provides users an opportunity to walk through multiple scenarios and see first-hand how Enterprise Security can be used to investigate from the creation of a notable event all the way to the raw event that identifies the adversary's action. The workshop leverages the popular Boss of the SOC (BOTS) dataset and is laid out in an interactive format. Users will leave with a better understanding of how Splunk and Enterprise Security can be used to generate notable events and investigate them as they occur in the enterprise.
Dates/Times: Thursday, 15th June | 9:30 - 13:30 BST / 10:30 - 14:30 CEST
Building Correlation Searches with Splunk Enterprise Security is a modular, hands-on workshop designed to familiarize participants with how to leverage Splunk to develop their own correlation searches. This workshop gives users a way to gain familiarity with building correlation searches in Splunk, and introduces data models and the tstats command, which give users a method to further optimize their correlation searches. The workshop leverages the popular Boss of the SOC (BOTS) dataset with hands-on exercises that build on one another. Users will come away with a better understanding of how to build their own correlation searches in Splunk as well as how to customize their associated notable events to provide more immediate insights to their analysts.
Dates/Times: Thursday, 22nd June | 9:30 - 13:30 BST / 10:30 - 14:30 CEST
The Risk-Based Alerting (RBA) hands-on workshop is designed to guide Detection Engineers or other content creators through the RBA process used in Splunk Enterprise Security. Our journey will begin with a review of ES fundamentals as a foundation for RBA, then proceed through Risk Factors, Risk Rule creation, and Risk Notable creation.
The workshop leverages the popular Boss of the SOC (BOTS) dataset with hands-on exercises that build on one another and expose participants to detecting a complex APT attack. Participants will depart with a clear path for getting started with RBA in their environment. Participants need to have completed the Enterprise Security hands-on workshop before doing the RBA workshop.
Dates/Times: Thursday, 29th June | 9:30 - 13:30 BST / 10:30 - 14:30 CEST