Security

April 28, 2020

3 Minute Read

North American BOTS Day 2020

By Splunk

BOTS day is back for 2020, and this time (unsurprisingly), it's going virtual! The North America BOTS day event will be held on July 16, 2020, and we hope to have you all join us! If that's all you needed to hear, go ahead and register now! If you want to learn a bit more about what's in store, read on!

What is Boss of the SOC?

BOTS is a blue-team, jeopardy-style, capture-the-flag-esque (CTF) activity where participants leverage Splunk's Security Operations Suite — and other resources — to answer a variety of questions about the type of real-world security incidents that analysts face regularly. We developed BOTS because we were tired of showing up at security conferences and finding the CTFs to be entirely red-team oriented. There are other blue team CTFs out there — especially the grandfather to them all, SANS NetWars — but few of them attempt to recreate the life of a security analyst facing an adversary at all stages of an attack.

In BOTS, we work very hard to ask questions that not only require contestants to know or get to know Splunk solutions but also know how to research open-source intelligence and think outside of the "Splunk Security" box.

Are you excited yet?

What is North America BOTS Day?

This event will feature everything you've come to love about BOTS. Participants will compete from their safe, secure, and socially distanced locations across North America. But you won't be isolated during this virtual BOTS event, far from it! Just like always in BOTS, you are encouraged to compete in teams of up to four, and we are busy preparing a brand new never-before-seen enhanced virtual experience for this year's event.

North American BOTS Day Schedule

Spoiler Alert?

BOTS Day will utilize the BOTSv4 dataset unveiled at .conf19 back in October. While the dataset will be the same, we are busy creating a brand new question set for BOTS day. The event will feature never-before-seen questions, no spoilers, and no unfair advantages for you or anyone else.

Should I Play?

In a word, yes. We've written about who should play before, but it's worth repeating here. If you've gotten this far, you are almost certainly an excellent fit for BOTS. To hold your own in BOTS, we usually tell folks they need to know a little about the Splunk security solutions and a little about security. However, all you need is the desire to learn and have fun.

Yes, indeed, the winners of BOTS competitions are often very knowledgeable in both Splunk solutions and security. Still, everyone will have a great time and learn something new.

The questions in BOTS range from easy to hard and everything in between. Every question comes with hints to nudge you in the right direction, and if you need more, coaches are onsite to help when the hints run out. Also — don't forget — BOTS is a team sport, so if you bring your crew, you won't be alone.

If all of that isn't enough to convince you that BOTS is a safe, supportive, and fun learning environment, we've now made it super easy to play anonymously if you choose. Are you feeling a little judged on that big scoreboard? No problem. Just flip the bit on anonymous mode to take the pressure off while you catch up or plot your next move.

How Can I Prepare?

Here are some great ways to prepare for BOTS day:

Check out our "Hunting With Splunk" blog series. More than anything else, mastering the topics covered in this series will help you answer more questions faster
Take advantage of Free Splunk Fundamentals 1 Training
Practice your Splunk hunting with prior versions of BOTS
Stand up your very own BOTS environment and practice

Is There Any Fine Print?

Yeah, there's always a little, isn't there? Registration is required, but free; space is limited; no game-day registration allowed:

In the coming weeks you will be notified about the process to set up your BOTS system login and form your team.
IMPORTANT: Each individual must register, even if you are planning to participate as a team. Each team member must register.
Please register with an email that you can access on the day of the event
You are required to bring a laptop computer equipped with WIFI and running a supported web browser
On BOTS Day, you will need to acknowledge Splunk's privacy statement before you are allowed to play

How Do I Register Again?

Just sign up here. We look forward to hosting you at Splunk North American BOTS Day 2020!

----------------------------------------------------
Thanks!
Dave Herrald

Splunk Field Hashing & Masking Capabilities for Compliance

Satisfy internal and external compliance requirements using Splunk standard components.

Security 3 Min Read

Parsing Domains with URL Toolbox (Just Like House Slytherin)

One of the most popular Splunk security apps of all time, URL Toolbox’s URL parsing capabilities have been leveraged by thousands. Full story here.

Security 4 Min Read

Splunk SOAR Playbooks: Crowdstrike Malware Triage

Splunk Phantom and Crowdstrike together allows you to have a smooth operational flow from detecting endpoint security alerts to operationalizing threat intelligence and automatically taking the first few response steps – all in a matter of seconds.

About Splunk

The Splunk platform removes the barriers between data and action, empowering observability, IT and security teams to ensure their organizations are secure, resilient and innovative.

Founded in 2003, Splunk is a global company — with over 7,500 employees, Splunkers have received over 1,020 patents to date and availability in 21 regions around the world — and offers an open, extensible data platform that supports shared data across any environment so that all teams in an organization can get end-to-end visibility, with context, for every interaction and business process. Build a strong data foundation with Splunk.

Learn more about Splunk