AVP

1st place

1333 points


Awards


Solves

Challenge | Category | Value | Time
Ghostbusters 2 | 3.5: Investigation 101 - Using Search | 45 |
Ghostbusters | 3.5: Investigation 101 - Using Search | 45 |
Here I am | 3.5: Investigation 101 - Using Search | 40 |
Me, myself and whoami? | 3.5: Investigation 101 - Using Search | 40 |
It’s always the creds | 3.5: Investigation 101 - Using Search | 35 |
How many admins?! | 3.5: Investigation 101 - Using Search | 35 |
Let me count the ways | 3.5: Investigation 101 - Using Search | 30 |
Sea of Threats! 2 | 1.1: Threat Center | 20 |
An account was successfully logged on 2 | 3: Search - Advanced | 30 |
An account was successfully logged on 1 | 3: Search - Advanced | 30 |
This one is REALLY a keeper | 3: Search - 101 | 10 |
This one is a keeper II | 3: Search - 101 | 10 |
This one is a keeper I | 3: Search - 101 | 10 |
Introduction to Search | 3: Search - 101 | 5 |
I want what I want II | 3: Search - 101 | 10 |
I want what I want I | 3: Search - 101 | 10 |
Export this IV | 3: Search - 101 | 11 |
Export this III | 3: Search - 101 | 11 |
Export this II | 3: Search - 101 | 11 |
Creds, creds, creds | 3.5: Investigation 101 - Using Search | 30 |
Path to success | 3.5: Investigation 101 - Using Search | 25 |
How’d you do that? | 3.5: Investigation 101 - Using Search | 25 |
Who did this? | 3.5: Investigation 101 - Using Search | 20 |
Who am i? | 3.5: Investigation 101 - Using Search | 20 |
Time for your injections | 3.5: Investigation 101 - Using Search | 20 |
Service please | 3.5: Investigation 101 - Using Search | 15 |
Attribution is a b*tch | 3.5: Investigation 101 - Using Search | 15 |
Export this I | 3: Search - 101 | 11 |
Updates | 2: Log Stream | 10 |
Up to date | 2: Log Stream | 12 |
Parser Details II | 2: Log Stream | 11 |
Parser Details I | 2: Log Stream | 10 |
Let's do it Live! III | 2: Log Stream | 12 |
Let's do it Live! II | 2: Log Stream | 20 |
Let's do it Live! I | 2: Log Stream | 12 |
Introducing Log Stream | 2: Log Stream | 10 |
Creating Parsers | 2: Log Stream | 10 |
Calibration Station | 2: Log Stream | 10 |
Calibration Required | 2: Log Stream | 10 |
All Aboard! | 2: Log Stream | 12 |
Sea of Threats! 1 | 1.1: Threat Center | 20 |
36 - Threat Detection Incident Response: Threat Center X | 0: New-Scale 101, Compromised Insider, Malicious Insider | 10 |
35 - Threat Detection Incident Response: Threat Center IX | 0: New-Scale 101, Compromised Insider, Malicious Insider | 10 |
34 - Threat Detection Incident Response: Threat Center VIII | 0: New-Scale 101, Compromised Insider, Malicious Insider | 10 |
33 - Threat Detection Incident Response: Threat Center VII | 0: New-Scale 101, Compromised Insider, Malicious Insider | 10 |
32 - Platform Insights: Outcomes Navigator III | 0: New-Scale 101, Compromised Insider, Malicious Insider | 15 |
31 - Platform Insights: Outcomes Navigator II | 0: New-Scale 101, Compromised Insider, Malicious Insider | 10 |
30 - Platform Insights: Outcomes Navigator I | 0: New-Scale 101, Compromised Insider, Malicious Insider | 15 |
29 - Threat Detection Incident Response: Automation Management III | 0: New-Scale 101, Compromised Insider, Malicious Insider | 15 |
28 - Threat Detection Incident Response: Automation Management II | 0: New-Scale 101, Compromised Insider, Malicious Insider | 15 |
15 - Security Management: Threat Detection Management VI | 0: New-Scale 101, Compromised Insider, Malicious Insider | 10 |
14 - Security Management: Threat Detection Management V | 0: New-Scale 101, Compromised Insider, Malicious Insider | 10 |
13 - Security Management: Threat Detection Management IV | 0: New-Scale 101, Compromised Insider, Malicious Insider | 20 |
27 - Threat Detection Incident Response: Automation Management I | 0: New-Scale 101, Compromised Insider, Malicious Insider | 20 |
26 - Threat Detection Incident Response: Search Natural Language II | 0: New-Scale 101, Compromised Insider, Malicious Insider | 30 |
25 - Threat Detection Incident Response: Search Natural Language I | 0: New-Scale 101, Compromised Insider, Malicious Insider | 40 |
24 - Threat Detection Incident Response: Search Basic | 0: New-Scale 101, Compromised Insider, Malicious Insider | 35 |
23 - Threat Detection Incident Response: Search Timeline II | 0: New-Scale 101, Compromised Insider, Malicious Insider | 20 |
22 - Threat Detection Incident Response: Search Timeline I | 0: New-Scale 101, Compromised Insider, Malicious Insider | 25 |
21 - Threat Detection Incident Response: Threat Center VI | 0: New-Scale 101, Compromised Insider, Malicious Insider | 10 |
12 - Security Management: Threat Detection Management III | 0: New-Scale 101, Compromised Insider, Malicious Insider | 25 |
20 - Threat Detection Incident Response: Threat Center V | 0: New-Scale 101, Compromised Insider, Malicious Insider | 15 |
19 - Threat Detection Incident Response: Threat Center IV | 0: New-Scale 101, Compromised Insider, Malicious Insider | 10 |
18 - Threat Detection Incident Response: Threat Center III | 0: New-Scale 101, Compromised Insider, Malicious Insider | 15 |
17 - Threat Detection Incident Response: Threat Center II | 0: New-Scale 101, Compromised Insider, Malicious Insider | 15 |
16 - Threat Detection Incident Response: Threat Center I | 0: New-Scale 101, Compromised Insider, Malicious Insider | 10 |
11 - Security Management: Threat Detection Management II | 0: New-Scale 101, Compromised Insider, Malicious Insider | 15 |
10 - Security Management: Threat Detection Management I | 0: New-Scale 101, Compromised Insider, Malicious Insider | 25 |
9 - Attack Surface Insights: Devices | 0: New-Scale 101, Compromised Insider, Malicious Insider | 10 |
8 - Attack Surface Insights: Users | 0: New-Scale 101, Compromised Insider, Malicious Insider | 10 |
7 - Context Management II | 0: New-Scale 101, Compromised Insider, Malicious Insider | 15 |
6 - Context Management I | 0: New-Scale 101, Compromised Insider, Malicious Insider | 10 |
4 - Log Stream: Parsers II | 0: New-Scale 101, Compromised Insider, Malicious Insider | 15 |
5 - Log Stream: Enrichment | 0: New-Scale 101, Compromised Insider, Malicious Insider | 10 |
3 - Log Stream: Parsers I | 0: New-Scale 101, Compromised Insider, Malicious Insider | 10 |
2 - Collection | 0: New-Scale 101, Compromised Insider, Malicious Insider | 10 |
1 - Platform Overview: Start Here! | 0: New-Scale 101, Compromised Insider, Malicious Insider | 5 |