Overview
The SOC Hackathon will run for 2.5 days. The agenda focuses on R&E organisations and will be largely constructed from the needs of the community in general and of attendees in particular. To support this process, we define some ground rules and an initial structure.
Location
The Hackathon will take place at CERN, further details to follow.
Dinner
We anticipate organising a self-hosted hackathon dinner on the second night (the Wednesday).
Topics
Possible topics include:
- Zeek
- MISP
- Documentation
- Integration
- Elasticsearch/OpenSearch
- Alerting
- Incident response stack
- Kafka/messaging
- pDNS(SOC)
We will discuss the agenda for the week at the end of Monday/start of Tuesday, but a strawperson first pass might look like this (with common strands throughout):
- Tuesday morning:
  - Status reports
  - Planning
- Tuesday afternoon:
  - TBD
- Wednesday:
  - TBD
- Thursday morning:
  - Wrap-up and next steps
Preparation
Regular SOC WG dev meetings are currently being coordinated. We anticipate that a key outcome from these meetings this summer will be an initial set of problems and challenges to work on during the hackathon week.
Breaks
We expect each session to contain at least 30 minutes of break. Break times should be organised per session and then adhered to.