I Scream, You Scream, We All Scream For BOTS!

Security Tom Smit

W e are excited to announce our August Boss of the SOC (BOTS) V event!!!

After our global debut of Boss of the SOC (BOTS) V in October at Splunk .conf 2020, we’ve spent the last few months tweaking and tuning to get ready to bring BOTS V to the world... And to quote BOTSFather Ryan Kovar:

“It’s free to play! Free, Free, Free! Free like beer! Not like puppies!”

What’s new in BOTS V? I’m glad you asked. This year, we find our favorite brewery, Frothly, converting to a remote model and embracing the cloud for ‘all the things!’

Additionally, new experiences for players, including a new scoring server, new scenarios, and new stego questions are introduced.

Not sure where to start? That’s ok, we have six new scenarios for you to play. Perhaps you want to see how Splunk Enterprise Security can be utilized. We have a scenario solely on using Enterprise Security. Perhaps you are dipping a toe into Kubernetes (K8S), we’ve got one of those. Looking to work with CloudTrail and other Amazon Web Services (AWS) solutions? There is a scenario on just AWS! We also realize a lot of organizations have remote work initiatives, so we’ve included a Remote Work (RWI) scenario. Our customer favorite APT scenario is back as well — detailing an attack by our favorite adversary Violent Memmes. Are you looking to move infrastructure to Google Cloud (GCP)? Frothly has a supplier who just did that too! We can see what they uncovered! Speaking of that GCP scenario, if anyone can explain the difference between a toad and a frog hit me up.

Details

So what are the details? This BOTS event is set to kick off on Thursday, August 5th, 2021 at 3:00 PM Eastern, 12:00 PM Pacific. Registration is currently open and we’re accepting teams of 1-4 players at the Splunk BOTS website. If you are looking for a team the best place to go is over to our Discord server or reach out to your network on Twitter. It is critical that each player on your team registers.

More Information

Looking for more tips on Boss of the SOC? Don’t forget our handy dandy blog series, "Hunting with Splunk: The Basics,” which was inspired by the questions customers have asked at BOTS events all over the world!

Good Luck! And may the odds be ever in your favor.

P.S. Be sure to check out BOTS VI at .conf 21!

/en_us/blog/fragments/digital-resilience-pays-off
Style
two-column

Related Articles

Identifying Phishing Sites in Your Events
Security
2 Minute Read

Identifying Phishing Sites in Your Events

Active Directory Discovery Detection: Threat Research Release, September 2021
Security
15 Minute Read

Active Directory Discovery Detection: Threat Research Release, September 2021

In this blog post, we’ll walk you through this analytic story, demonstrate how we can simulate these attacks using PoshC2 & PurpleSharp to then collect and analyze the resulting telemetry to test our detections.
Why Your Network is Your Best Defense: A Complete Guide to Threat Detection, Investigation, and Response
Security
3 Minute Read

Why Your Network is Your Best Defense: A Complete Guide to Threat Detection, Investigation, and Response

Discover how to leverage your network for threat detection and response. Learn how Splunk and Cisco integrations reduce MTTD, MTTR, and MTTC in modern SOCs.
/en_us/blog/fragments/about-splunk
/en_us/blog/fragments/subscribe-footer