Security

April 28, 2020

3 Minute Read

North American BOTS Day 2020

By Splunk

BOTS day is back for 2020, and this time (unsurprisingly), it's going virtual! The North America BOTS day event will be held on July 16, 2020, and we hope to have you all join us! If that's all you needed to hear, go ahead and register now! If you want to learn a bit more about what's in store, read on!

What is Boss of the SOC?

BOTS is a blue-team, jeopardy-style, capture-the-flag-esque (CTF) activity where participants leverage Splunk's Security Operations Suite — and other resources — to answer a variety of questions about the type of real-world security incidents that analysts face regularly. We developed BOTS because we were tired of showing up at security conferences and finding the CTFs to be entirely red-team oriented. There are other blue team CTFs out there — especially the grandfather to them all, SANS NetWars — but few of them attempt to recreate the life of a security analyst facing an adversary at all stages of an attack.

In BOTS, we work very hard to ask questions that not only require contestants to know or get to know Splunk solutions but also know how to research open-source intelligence and think outside of the "Splunk Security" box.

Are you excited yet?

What is North America BOTS Day?

This event will feature everything you've come to love about BOTS. Participants will compete from their safe, secure, and socially distanced locations across North America. But you won't be isolated during this virtual BOTS event, far from it! Just like always in BOTS, you are encouraged to compete in teams of up to four, and we are busy preparing a brand new never-before-seen enhanced virtual experience for this year's event.

North American BOTS Day Schedule

Spoiler Alert?

BOTS Day will utilize the BOTSv4 dataset unveiled at .conf19 back in October. While the dataset will be the same, we are busy creating a brand new question set for BOTS day. The event will feature never-before-seen questions, no spoilers, and no unfair advantages for you or anyone else.

Should I Play?

In a word, yes. We've written about who should play before, but it's worth repeating here. If you've gotten this far, you are almost certainly an excellent fit for BOTS. To hold your own in BOTS, we usually tell folks they need to know a little about the Splunk security solutions and a little about security. However, all you need is the desire to learn and have fun.

Yes, indeed, the winners of BOTS competitions are often very knowledgeable in both Splunk solutions and security. Still, everyone will have a great time and learn something new.

The questions in BOTS range from easy to hard and everything in between. Every question comes with hints to nudge you in the right direction, and if you need more, coaches are onsite to help when the hints run out. Also — don't forget — BOTS is a team sport, so if you bring your crew, you won't be alone.

If all of that isn't enough to convince you that BOTS is a safe, supportive, and fun learning environment, we've now made it super easy to play anonymously if you choose. Are you feeling a little judged on that big scoreboard? No problem. Just flip the bit on anonymous mode to take the pressure off while you catch up or plot your next move.

How Can I Prepare?

Here are some great ways to prepare for BOTS day:

Check out our "Hunting With Splunk" blog series. More than anything else, mastering the topics covered in this series will help you answer more questions faster
Take advantage of Free Splunk Fundamentals 1 Training
Practice your Splunk hunting with prior versions of BOTS
Stand up your very own BOTS environment and practice

Is There Any Fine Print?

Yeah, there's always a little, isn't there? Registration is required, but free; space is limited; no game-day registration allowed:

In the coming weeks you will be notified about the process to set up your BOTS system login and form your team.
IMPORTANT: Each individual must register, even if you are planning to participate as a team. Each team member must register.
Please register with an email that you can access on the day of the event
You are required to bring a laptop computer equipped with WIFI and running a supported web browser
On BOTS Day, you will need to acknowledge Splunk's privacy statement before you are allowed to play

How Do I Register Again?

Just sign up here. We look forward to hosting you at Splunk North American BOTS Day 2020!

----------------------------------------------------
Thanks!
Dave Herrald

SANS 2022 SOC Survey: A Look Inside

Check out this detailed summary of the SANS 2022 SOC Survey sponsored by Splunk to explore the latest trends in security operations.

Security 3 Min Read

Staff Picks for Splunk Security Reading March 2021

These monthly postings will feature the favorite security-centric presentations, white papers and customer case studies from various peeps in the Splunk (or not) security world that WE think everyone should read. If you would like to read other months, please take a peek at previous posts in the "Staff Picks" series!

Security 3 Min Read

Introducing Attack Range v3.0

Explore the new features introduced in version 3.0 of the Splunk Attack Range, aimed at helping you build resilient, high-quality threat detections.

About Splunk

The world’s leading organizations rely on Splunk, a Cisco company, to continuously strengthen digital resilience with our unified security and observability platform, powered by industry-leading AI.

Our customers trust Splunk’s award-winning security and observability solutions to secure and improve the reliability of their complex digital environments, at any scale.

Learn more about Splunk