Finding Evil is Never an Accident: How to Hunt in BOTS
Tuesday, October 22, 4:15 PM
To secure the modern endpoint, you need sufficient data, the right visibility and analysis, and the technology to stop an intrusion. This session will leverage BOTSv4 data to help you test and validate Splunk use cases related to hunting threats using endpoint data. We will cover several real-world case studies as described in MITRE ATT&CK™, simulating adversary groups by using Atomic Red Team tests.