We use cookies to ensure that we give you the best experience on our website. By continuing your visit on the website, you consent to the use of the cookies. If you want to find out more about the cookies we use, you can access our Privacy Policy.
OK

Splunk London User Group - Wednesday 5th July 2023 - in-person/hybrid - Splunk HQ

London Splunk User Group

Wednesday, July 5, 2023, 5:20 – 6:30 PM UTC

60
RSVPs

About this event

I am pleased to announce the next Splunk London User Group event has been scheduled.
Our next event will be on Wednesday 5th July 2023 and continue in a hybrid format. So either come along to Splunk HQ at Paddington or join us remotely, what ever suits you.

Presenters = Stephen Kinghan & Gabriel Doyle-Finch, Hiscox

Title: Steve and Gabriel will cover some of the lessons learnt on their path to delivering the Hiscox Purple Team, using more recently the Splunk Attack Range from the Splunk Threat Research Team. They’ll be exploring how work with Attack Range feeds directly into improving how Use Cases are delivered, Applications are secured/assured, and how Threat Modelling / Mapping feeds into exercising their SIEM.

Register for either an in-person or remote using the link below

https://usergroups.splunk.com/london-splunk-user-group/

RSVP In-person register ends 4:00pm on Tuesday 4th July 2023

Additional information

This will be a practical session, walking through setting up Splunk Attack Range. You can follow the following instructions to prepare either a docker or Azure environment to leverage attack range in the session.Splunk Attack Range: Prerequisites

Local Environment
• A machine or virtual machine running a Unix-like OS (ideally Ubuntu) or …
• If using a Windows machine, install Windows Subsystem for Linux (WSL): https://learn.microsoft.com/en-us/windows/wsl/install
• To run WSL: Windows Key + R à Open: wsl
• Follow setup instructions in shell

With access to a Unix shell:
• Install Docker:

# For Debian-based systems:
sudo apt -y update && sudo apt -y upgrade && sudo apt -y install docker.io

# For Arch-based systems:
sudo pacman -Syu && sudo -S docker.io Cloud Environment

• An Azure account:
• If you do not currently have a personal and/or company Azure account, create a free one here: https://azure.microsoft.com/en-gb/free
• Signup requires a valid credit card, but there are no initial charges
• Free Azure accounts come with USD200 of credit
• A minimum quota of 13 vCPUs in the North Europe region is required
• Follow the instructions in this link: https://learn.microsoft.com/en-us/azure/quotas/quickstart-increase-quota-portal

learn.microsoft.com

Install WSL

Install Windows Subsystem for Linux with the command, wsl --install. Use a Bash terminal on your Windows machine run by your preferred Linux distribution - Ubuntu, Debian, SUSE, Kali, Fedora, Pengwin, Alpine, and more are available. 

 

azure.microsoft.com

Create Your Azure Free Account Today | Microsoft Azure

Get started with 12 months of free services, 40+ services that are always free, and USD200 in credit. Create your free account today with Microsoft Azure.

 

learn.microsoft.com

Quickstart - Request a quota increase in the Azure portal - Azure Quotas

This quickstart shows you how to increase a quota in the Azure portal.


As usual , any questions, get in touch.

Kind Regards

Paul

Paul.Brinkman@bankofengland.co.uk

Speakers

  • Stephen Kinghan

    Hiscox

  • Gabriel Doyle-Finch

    Hiscox

When

When

Wednesday, July 5, 2023
5:20 PM – 6:30 PM UTC

Where

Where

Splunk, Brunel Building
1 & 2 Canalside Walk
Greater London, W2 1DG

Venue map

Hosts

  • Rupert Truman

    Splunk

  • Paul Brinkman

    Bank of England

Organizers

  • Atanu Roy

  • Kirsty Lambert

  • Paul Brinkman

    Bank of England

Contact Us