Threat Hunting with Splunk 2020 CTF

With @sambowne, @djhardb, @KaitlynGuru, and @infosecirvin.

Final Scores from GRAYHAT 2020


Splunk Boss of the SOC


Level 1: Finding Attack Servers (35 pts)

Level 2: Identifying Threat Actors (50 pts)

Level 3: Sysmon and Splunk Stream (50 pts)

Level 4: Analyzing a Ransomware Attack (180 pts)


Free Course from Splunk

Network Security Monitoring Class

Incident Response Class

Updated for GRAYHAT 10-30-20