GoldenSpray is a blue team lab in the Threat Hunting category. It covers the following subjects: Splunk, ELK, Execution, Persistence, Privilege Escalation, Credential Access, and Lateral Movement.
Learning Objectives
Reconstruct a multi-stage intrusion timeline by analyzing Windows and Sysmon event logs within Elastic SIEM to identify key attack tactics, techniques, and procedures.