About the Second Day Training
[Participants will need a laptop, Slack, and wireless internet access]
The training, led by Craig Vincent and Sondra Russell from Splunk, has two sessions.
During the first session, the focus is on CIS Critical Security Controls Assessment. Participants will review the 20 Critical Security Controls as identified by the Center for Internet Security. Participants will learn how to apply these important security controls in a real-world setting by analyzing real, existing data. After participants understand the environment, they will spend the remainder of the morning identifying threats. The trainers will introduce theories and processes of investigation, threat hunting and incident response using a variety of endpoint, network and threat intelligence data sources.
During the second session, participants will get hands-on training. Teams made up of four or five players will compete in a blue-team capture-the-flag exercise called Boss of the SOC. Each team will be handed a data set and a series of challenges. Teams will be scored on accuracy, speed, and ingenuity. Teams will compete for prizes, but more importantly, bragging rights.
Vincent is a solution engineer and regional Security Subject Matter at Splunk. Since joining Splunk, Vincent has supported customers in Higher Education, Healthcare, and State & Local Government. Before joining Splunk, he held a security research role at the National Cable & Telecommunications Association and worked in the Security Operations Center at Mandiant, acquired by FireEye, Inc. Based in the DC area, Vincent's technical passions include security, containerization, automation, and program management. Vincent holds a B.S.E. in Electrical & Computer Engineering from Duke University.
Sondra has been a "Splunker" for eight years, starting when she was a devoted customer of Splunk at National Public Radio. While at Splunk, she's focused on working with higher education customers on a variety of use cases, including security and compliance, application monitoring, Internet of Things and business analytics.