Not located in Canada? Check out our events website to find workshops in your time zone.
Review the security workshops offered below. Click on each workshop to see a description of the workshop.
Details:
This workshop provides users a way to gain experience searching in Splunk to answer specific questions related to an investigation. These questions are similar to what would be asked in their own organizations. Users will leave with a better understanding of how Splunk can be used to investigate in their enterprise.
Registration Closed
Who should attend:This workshop is ideal for individuals on a Security Operations team responsible for security monitoring and incident response.
Details:
This workshop provides users an opportunity to walk through multiple scenarios and see first- hand how Splunk Security Operations Suite (Enterprise Security, UBA and Phantom) can be used to take notable events and investigate, hunt and orchestrate actions based on what is uncovered. Users will leave with a better understanding of how Splunk, Enterprise Security, UBA and Phantom can be used within security operations to process notable events and investigate as they occur in the enterprise.
Registration Closed
Who should attend:This workshop is ideal for individuals who are already familiar with Splunk and are on a Security Operations team responsible for security monitoring and incident response.
Details:
This workshop provides users an opportunity to walk through a real-world scenario and see first-hand how Phantom can be used from the creation of a notable event to enriching alerts by automatically gathering data, all the way to managing and resolving the incident.
Registration Closed
Who should attend: This workshop is ideal for individuals who are familiar with Phantom and anyone who wants hands-on experience with Phantom including SOC analysts, Incident Responders, and Threat Intelligence teams with an interest in automation.
Details:
This workshop is designed to extend your knowledge into the AWS suite of solutions beyond EC2 and S3. This workshop is filled with hands-on investigations leveraging CloudTrail and CloudWatch data for analysis of VPC Flow data, as well as introductions to data created by AWS security solutions, like GuardDuty and Security Hub. We will also look at the integration of AWS into Enterprise Security and its associated detection from ESCU and SSE. Attendees will come away with a better understanding of the logging available to them from AWS and which events are important to collect to gain visibility into adversary actions in the environment.
Registration Closed
Who should attend: The workshop is designed for individuals on a Security Operations teams responsible for security monitoring and incident response within AWS.
Details:
This workshop provides users an opportunity to walk through multiple scenarios and see first-hand how Enterprise Security can be used from the creation of a notable event to investigate all the way to the raw event that identifies the adversaries action. Users will leave with a better understanding of how Splunk and Enterprise Security can be used to generate notable events and investigate them as they occur in the enterprise.
Registration Closed
Who should attend: This workshop is ideal for individuals who are already familiar with Splunk and are on a Security Operations team responsible for security monitoring and incident response.
Details:
This workshop is designed for Splunk security customers already in or moving to Google Cloud Platform (GCP). The scenarios utilize different pieces of cloud-focused data and include an email investigation, public storage access logs, and Google cloud functionality to better understand how to defend your cloud assets.
Registration Closed
Who should attend: The workshop is designed for individuals on a Security Operations team that are responsible for security monitoring and incident response within GCP.
Details:
This workshop is designed to better prepare security teams using Splunk to understand more about the drive toward Cloud Transformation and Kubernetes. Users will come away with a better understanding of the logging available to them from Kubernetes and which events are important to collect to gain visibility into adversary actions in the environment.
Registration Closed
Who should attend: The workshop is designed for individuals on a Security Operations team who are responsible for providing security monitoring, detection and content creation for environments that use Kubernetes or a similar container orchestration technology.
