I Scream, You Scream, We All Scream For BOTS!

W e are excited to announce our August Boss of the SOC (BOTS) V event!!!

After our global debut of Boss of the SOC (BOTS) V in October at Splunk .conf 2020, we’ve spent the last few months tweaking and tuning to get ready to bring BOTS V to the world... And to quote BOTSFather Ryan Kovar:

“It’s free to play! Free, Free, Free! Free like beer! Not like puppies!”

What’s new in BOTS V? I’m glad you asked. This year, we find our favorite brewery, Frothly, converting to a remote model and embracing the cloud for ‘all the things!’

Additionally, new experiences for players, including a new scoring server, new scenarios, and new stego questions are introduced.

Not sure where to start? That’s ok, we have six new scenarios for you to play. Perhaps you want to see how Splunk Enterprise Security can be utilized. We have a scenario solely on using Enterprise Security. Perhaps you are dipping a toe into Kubernetes (K8S), we’ve got one of those. Looking to work with CloudTrail and other Amazon Web Services (AWS) solutions? There is a scenario on just AWS! We also realize a lot of organizations have remote work initiatives, so we’ve included a Remote Work (RWI) scenario. Our customer favorite APT scenario is back as well — detailing an attack by our favorite adversary Violent Memmes. Are you looking to move infrastructure to Google Cloud (GCP)? Frothly has a supplier who just did that too! We can see what they uncovered! Speaking of that GCP scenario, if anyone can explain the difference between a toad and a frog hit me up.

Details

So what are the details? This BOTS event is set to kick off on Thursday, August 5th, 2021 at 3:00 PM Eastern, 12:00 PM Pacific. Registration is currently open and we’re accepting teams of 1-4 players at the Splunk BOTS website. If you are looking for a team the best place to go is over to our Discord server or reach out to your network on Twitter. It is critical that each player on your team registers.

More Information

Looking for more tips on Boss of the SOC? Don’t forget our handy dandy blog series, "Hunting with Splunk: The Basics,” which was inspired by the questions customers have asked at BOTS events all over the world!

Good Luck! And may the odds be ever in your favor.

P.S. Be sure to check out BOTS VI at .conf 21!

https://main--blog-dev--splunk-wm.aem.live/en_us/blog/fragments/digital-resilience-pays-off
Style
two-column

Related Articles

Explore the Splunk SOAR Adoption Maturity Model
Security
3 Minute Read

Explore the Splunk SOAR Adoption Maturity Model

SOAR helps you orchestrate security workflows and automate tasks in seconds to empower your SOC, work smarter and respond faster. Increasingly, security automation is becoming seen as a milestone in maturing your security operations. And maturing security operations is something all organizations need to do, with the rising threat of attacks and threats of all kinds.
Detecting the Sudo Baron Samedit Vulnerability and Attack
Security
3 Minute Read

Detecting the Sudo Baron Samedit Vulnerability and Attack

Looking for ways to detect and protect against the SUDO Baron Samedit vulnerability (CVE-2021-3156)? Look no further. In this blog we tell you how to proactively detect vulnerable servers using Splunk and also to detect malicious folks who are attempting to exploit this vulnerability for nefarious outcomes!
Detecting HermeticWiper
Security
9 Minute Read

Detecting HermeticWiper

Detecting HermeticWiper destructive software and ransomware decoy with Splunk.
https://main--blog-dev--splunk-wm.aem.live/en_us/blog/fragments/about-splunk
https://main--blog-dev--splunk-wm.aem.live/en_us/blog/fragments/subscribe-footer