Cyber Threat Hunting
-
Disgruntled: WALKTHROUGH
Hey, kid! Good, you’re here! Not sure if you’ve seen the news, but an employee from the IT department of one of…
-
Unattended: WALKTHROUGH
Welcome to the team, kid. I have something for you to get your feet wet. Our client has a newly hired employee…
-
Benign: WALKTHROUGH
We will investigate host-centric logs in this challenge room to find suspicious process execution. To learn more about Splunk and how to…
-
Investigating With Splunk: WALKTHROUGH
SOC Analyst Johny has observed some anomalous behaviours in the logs of a few windows machines. It looks like the adversary has access to some…
-
Splunk Incident Handling: WALKTHROUGH
This room covers an incident Handling scenario using Splunk. An incident from a security perspective is “Any event or action, that has…