BSidesCharm - 2017 - Ryan Hays - Weaponizing Splunk: Using Blue Teams for Evil

Weaponizing Splunk: Using Blue Teams for Evil Splunk is a log aggregation and correlation tool that is normally used for defensive analysis and infrastructure management. What if Attackers could use this same tool against the blue team? During this presentation, I will discuss creative uses that penetration testers and Red Teamers can use to gain more access and move laterally within an organization. Presenter: Ryan Hays Ryan is the Director of Security Engineering at TBG Security. With 15 years of experience in the IT field, he has worked in a variety of capacities, currently specializing in offensive security and threat emulation techniques. During his career, he has worked with a multitude of Fortune 500 and 1000 companies, along with various U.S. Government Intelligence agencies. Ryan takes pride in giving back to the infosec community by presenting at multiple conferences as well as providing training and mentorship to people across the globe.