Press "Enter" to skip to content

Investigating a Hack with Splunk and the Cyber Kill Chain Part 1

In this four part series of videos we examine how you can use Splunk and the Lockheed Martin Kill Chain to investigate a data breach.

In Part 1 (this video) :

1. We introduce Splunk as a tool,.
2. We examine the hack/security incident we are going to investigate with Splunk.
3. We discuss the Lockheed Martin Cyber Kill Chain we will use as an investigative framework.
4. We have a quick look at the datasources we have available in Splunk to help us with our investigation.


Introduction to the Splunk Security Dataset

Splunk Security Datasets on GitHub

Boss of the SOC Team Competition Scoring Application

Splunk Online Live Access to the Splunk Security Project

0 0 vote
Article Rating
Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x