We use cookies to ensure that we give you the best experience on our website. By continuing your visit on the website, you consent to the use of the cookies. If you want to find out more about the cookies we use, you can access our Privacy Policy.
OK

Splunk London User Group - Wednesday 5th July 2023 - in-person/hybrid - Splunk HQ

Jul 5, 2023, 5:20 – 6:30 PM (UTC)

London Splunk User Group

We are back with our 4th SLUG event of 2023. So register to join us in-person or remote, choice is yours. Full details in the event description area.

About this event

I am pleased to announce the next Splunk London User Group event has been scheduled.
Our next event will be on Wednesday 5th July 2023 and continue in a hybrid format. So either come along to Splunk HQ at Paddington or join us remotely, what ever suits you.

Presenters = Stephen Kinghan & Gabriel Doyle-Finch, Hiscox

Title: Steve and Gabriel will cover some of the lessons learnt on their path to delivering the Hiscox Purple Team, using more recently the Splunk Attack Range from the Splunk Threat Research Team. They’ll be exploring how work with Attack Range feeds directly into improving how Use Cases are delivered, Applications are secured/assured, and how Threat Modelling / Mapping feeds into exercising their SIEM.

Register for either an in-person or remote using the link below

https://usergroups.splunk.com/london-splunk-user-group/

RSVP In-person register ends 4:00pm on Tuesday 4th July 2023

Additional information

This will be a practical session, walking through setting up Splunk Attack Range. You can follow the following instructions to prepare either a docker or Azure environment to leverage attack range in the session.Splunk Attack Range: Prerequisites

Local Environment
• A machine or virtual machine running a Unix-like OS (ideally Ubuntu) or …
• If using a Windows machine, install Windows Subsystem for Linux (WSL): https://learn.microsoft.com/en-us/windows/wsl/install
• To run WSL: Windows Key + R à Open: wsl
• Follow setup instructions in shell

With access to a Unix shell:
• Install Docker:

# For Debian-based systems:
sudo apt -y update && sudo apt -y upgrade && sudo apt -y install docker.io

# For Arch-based systems:
sudo pacman -Syu && sudo -S docker.io Cloud Environment

• An Azure account:
• If you do not currently have a personal and/or company Azure account, create a free one here: https://azure.microsoft.com/en-gb/free
• Signup requires a valid credit card, but there are no initial charges
• Free Azure accounts come with USD200 of credit
• A minimum quota of 13 vCPUs in the North Europe region is required
• Follow the instructions in this link: https://learn.microsoft.com/en-us/azure/quotas/quickstart-increase-quota-portal

learn.microsoft.com

Install WSL

Install Windows Subsystem for Linux with the command, wsl --install. Use a Bash terminal on your Windows machine run by your preferred Linux distribution - Ubuntu, Debian, SUSE, Kali, Fedora, Pengwin, Alpine, and more are available. 

 

azure.microsoft.com

Create Your Azure Free Account Today | Microsoft Azure

Get started with 12 months of free services, 40+ services that are always free, and USD200 in credit. Create your free account today with Microsoft Azure.

 

learn.microsoft.com

Quickstart - Request a quota increase in the Azure portal - Azure Quotas

This quickstart shows you how to increase a quota in the Azure portal.


As usual , any questions, get in touch.

Kind Regards

Paul

Paul.Brinkman@bankofengland.co.uk

Speakers

  • Stephen Kinghan

    Hiscox

  • Gabriel Doyle-Finch

    Hiscox

When

When

Wednesday, July 5, 2023
5:20 PM – 6:30 PM (UTC)

Where

Where

Splunk, Brunel Building
1 & 2 Canalside Walk
Greater London, W2 1DG

Hosts

  • Rupert Truman

    Splunk

    Senior Consulting Sales Engineer

  • Paul Brinkman

    Bank of England

Organizers

  • Even Hvatum-Biggs

    LSEG

    User Group Leader

  • Tom Hogben

    Splunk

    User Group Leader, Solutions Engineer

Contact Us