+
 

Virtual Threat Hunting Workshop

September 24, 2020

background image

Can You Find the Threat?

Join RiskIQ and Splunk for this 2-hour virtual Threat Hunting Workshop that will fortify your skills and toolset for this new age of cybercrime. This at-home training includes brand new hands-on exercises using RiskIQ’s unique advanced data sets.

See how you can expand your investigation with RiskIQ PassiveTotal from an alert inside of Splunk. In addition, we’ll walk through how to import the indicators from PassiveTotal into Splunk to continue your internal investigation.

Attend and Learn:

  • Methodologies for threat analysis
  • How RiskIQ’s unique data sets build-out more thorough investigations
  • Overview of Splunk and Splunk Applications used in Threat Investigations
  • Use Cases – Hands-On Exercises and Investigations

*Certificates for completion are distributed for attending the entire workshop

Agenda

TimeSession
10:00 a.m. PDTWelcome, Methodology and RiskIQ Data Sets
10:15 a.m.
  • Methodologies for threat analysis
  • RiskIQ data sets overview
11:00 a.m.Use Cases – Hands-On Exercises and Investigations
  • Using RiskIQ PassiveTotal looking at known good infrastructure to find threat actors targeting your domain or brand in attacks.
  • From an alert inside of Splunk using internal organization data expand your investigation with RiskIQ PassiveTotal. Once your investigation is complete inside of PassiveTotal import the indicators in Splunk to continue your internal investigation.
  • Using Splunk to further your skills investigations alerts on events triggered from internal systems.
12:00 p.m.Wrap up

Sponsored by: