I am pleased to announce the next Splunk London User Group event has been scheduled.

Our next event will be on Wednesday 5th July 2023 and continue in a hybrid format. So either come along to Splunk HQ at Paddington or join us remotely, whatever suits you.

Presenters: Stephen Kinghan & Gabriel Doyle-Finch, Hiscox
Title: Steve and Gabriel will cover some of the lessons learnt on their path to delivering the Hiscox Purple Team, more recently using the Splunk Attack Range from the Splunk Threat Research Team. They’ll be exploring how work with Attack Range feeds directly into improving how Use Cases are delivered, Applications are secured/assured, and how Threat Modelling / Mapping feeds into exercising their SIEM.

Register for either in-person or remote attendance using the link below:
https://usergroups.splunk.com/london-splunk-user-group/
RSVP: In-person registration ends 4:00pm on Tuesday 4th July 2023

This will be a practical session, walking through setting up Splunk Attack Range. You can follow the instructions below to prepare either a Docker or Azure environment to leverage Attack Range in the session.

Additional information

Splunk Attack Range: Prerequisites

Local Environment
• A machine or virtual machine running a Unix-like OS (ideally Ubuntu) or …
• If using a Windows machine, install Windows Subsystem for Linux (WSL): https://learn.microsoft.com/en-us/windows/wsl/install
• To run WSL: Windows Key + R → Open: wsl
• Follow setup instructions in shell
With access to a Unix shell:
• Install Docker:
# For Debian-based systems:
sudo apt -y update && sudo apt -y upgrade && sudo apt -y install docker.io
# For Arch-based systems:
sudo pacman -Syu && sudo pacman -S docker

Cloud Environment
• An Azure account:
• If you do not currently have a personal and/or company Azure account, create a free one here: https://azure.microsoft.com/en-gb/free
• Signup requires a valid credit card, but there are no initial charges
• Free Azure accounts come with USD200 of credit
• A minimum quota of 13 vCPUs in the North Europe region is required
• Follow the instructions in this link: https://learn.microsoft.com/en-us/azure/quotas/quickstart-increase-quota-portal

As usual, any questions, get in touch.

Kind Regards
Paul
Paul.Brinkman@bankofengland.co.uk
Wednesday, July 5, 2023
5:20 PM – 6:30 PM UTC