Security
Sign up for one or multiple upcoming workshops:

Building Correlation Searches with Splunk, hands on workshop

8th June 2022
12:00PM – 3:00PM AEST

This is a modular, hands-on workshop designed to show participants how to leverage Splunk to develop their own correlation searches. Users will gain familiarity with building correlation searches in Splunk and will be introduced to data models and the tstats command, which give users a way to further optimise their correlation searches. The workshop leverages the popular Boss of the SOC (BOTS) dataset with hands-on exercises that build on one another. Users will come away with a better understanding of how to build their own correlation searches in Splunk as well as how to customise their associated notable events to provide more immediate insights to their analysts.

Prerequisites: Splunk Fundamentals 1 (highly recommended); the Enterprise Security hands-on workshop or some ES experience is also recommended.


Splunk SOAR (Phantom), hands-on workshop

29th June 2022
12:00PM – 3:00PM AEST

The Splunk SOAR (Phantom) hands-on workshop is designed to familiarise participants with how to respond to incidents, manage cases and artefacts, and automate their incident response and standard operating procedures. This workshop gives users an opportunity to walk through a real-world scenario and see first-hand how Phantom can be used from the creation of a notable event, to enriching alerts by automatically gathering data, all the way to managing and resolving the incident.

Prerequisites: None




Endpoint Hands On Workshop

13th July 2022
12:00PM – 3:00PM AEST

Join us for this Endpoint Hands-On Workshop.

Splunking the Endpoint is a modular, hands-on workshop designed to familiarise participants with different endpoint technologies and how to leverage Splunk to gain greater insight into the activities occurring on the endpoint. This workshop provides users a way to gain familiarity with various endpoint logging tools, including Microsoft Event Logs, Sysmon, PowerShell, osquery, Carbon Black and Cisco NVM, as well as introducing Splunk Security Essentials and ES Content Updates. The Windows Event Code Analyzer, which is designed to assist users in determining which Windows events to log, is also covered. This workshop leverages the popular Boss of the SOC (BOTS) dataset with hands-on exercises for each technology. Users will come away with a better understanding of the available event logging at the endpoint and which events are important to gain visibility into adversary actions on the endpoint.


Advanced Persistent Threat Hunting with Splunk, hands-on workshop

27th July 2022
12:00PM – 3:00PM AEST

APT hunting with Splunk is a modular, hands-on workshop designed to provide a deeper dive into an Advanced Persistent Threat while providing an opportunity for participants to develop hypotheses and hunt. This workshop leverages Splunk and Enterprise Security and introduces how models like the Lockheed Martin Kill Chain, MITRE ATT&CK and the Diamond Model can be used to contextualise hunts. The workshop leverages the popular Boss of the SOC (BOTS) dataset in a multi-hunt format. Users will leave with a better understanding of how Splunk can be used to hunt for threats within their enterprise.

Prerequisites: None


Platform & Observability
Sign up for one or multiple upcoming workshops:

Splunk4Rookies Hands on Workshop

6th July 2022
12:00PM – 3:00PM AEST

Would you like to go from Splunk Zero to Splunk Hero in 3 hours? This workshop is a great opportunity for you to discover the value of Splunk hands-on in a matter of hours. Sessions are designed for people who are new to Splunk and keen to understand how to get started, and they introduce a couple of the initial use cases customers often start with.


Infrastructure Monitoring and Troubleshooting Hands-On Workshop

20th July 2022
12:00PM – 3:00PM AEST

This workshop is led by Splunk Solutions Engineers, ITOA Specialists and IT Subject Matter Experts. The purpose of this workshop is to expose customers and prospects to the integration of Splunk Infrastructure Monitoring and Splunk Core capabilities. The workshop agenda includes:

  • Discussion on Fundamental Changes in IT Operations
  • Introduction to Splunk for Infrastructure Monitoring and Troubleshooting
  • Navigating Splunk Infrastructure Monitoring
  • Using Intelligent Alerting
  • Hands-on Tasks Using Sub-second Metrics and out-of-the-box Integrations

The workshop is designed for IT Operations and DevOps / Site Reliability teams, including Tier 1 and Tier 2 Analysts and Engineers. ITOps and SRE Managers will also benefit by seeing how Splunk can help modernize their IT Operations monitoring capabilities.