Threat Hunting Foundations Workshop
Earn Your Threat Hunting - Foundations Badge!
You’ve signed up for the workshop, you've studied the data, and you've even gotten your hands dirty. Now is the time to put your knowledge to the ultimate test!
The data you've been provided during the workshop contains many interesting artifacts that could help you discover suspicious or malicious activity. These artifacts can be process names, remote IP addresses, files that were created, and so on. All have been designed to resemble actions taken by threat actors in the past, and your job is to find a few of them!
Those who successfully answer the questions will be awarded the Intel 471 Threat Hunting Foundations badge.
How Do You Claim Your Badge?
The data was already imported into your Elastic instance during setup. All you have to do is begin your hunt!
REMEMBER: You can submit as many times as you like!
Please enter your answers for the 4 flags below. If a flag is incorrect, you will receive an email indicating which one needs to be corrected. To receive your badge, submit the form with all 4 correct flag answers.