Boss Of The SOC v3

Boss Of The SOC v3 is a blue team lab in the Threat Hunting category. It covers the following subjects: Splunk, Reconnaissance, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Lateral Movement, Collection, Command and Control, Exfiltration, Impact.

Learning Objectives

Apply Splunk search queries to extract information and answer questions from provided log data.

Categories: Threat Hunting.

MITRE ATT&CK Tactics: Reconnaissance, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Lateral Movement, Collection, Command and Control, Exfiltration, Impact.

Tools: Splunk.

Difficulty: hard.