Yet again our NCC Group’s Boss of the SOC* (BOTS) team stood victorious as they defended their title for a second year in a row and were awarded the trophy for the Splunk Boss of the SOC for Partners last night.
A blue-team capture the flag-esque competition hosted by Splunk at the annual SplunkLive in London. Contestants had to explore and investigate realistic event data in the Splunk platform including Splunk Enterprise, Phantom and Splunk Enterprise Security.
Security skills were put to the test, it was a race against peers! Yes there were prizes but we came away with bragging rights. Events like this are a chance for our skilled SOC and MDR** team to demonstrate their skills in an accelerated series of scenarios that push them to the limit.
Players were given a series of questions, varying in type and difficulty. Points were awarded to the team that answered most accurately in the least amount of time. And again NCC Group walked home with the title, Boss of the SOC.
Aside from the glory for winners, competitors learn more about their strengths and weaknesses regarding incident investigations so leave with more than just a trophy and bragging rights.
* Security Operations Centre
** Managed Detection and Response