Every year the Blue Team Village hosts OpenSOC. A unique defense CTF meant to teach and test practical incident response skills in an environment that's as close to "the real thing" as it gets. This year BTV wanted to do more. We know that some Blue Teamers might be unfamiliar with some of the tools used by OpenSOC. And we didn't want that to keep anyone from playing this incredible defense simulation. So this year we are dedicating all day Thursday to demo the various OpenSOC tools, before OpenSOC starts on Friday. These are tools like Graylog, Moloch, Zeek, Osquery, and others that Blue Teamers rely on every day to defend their networks against attackers. That means that after you LEARN the tools, you can PLAY the OpenSOC CTF, and then take that knowledge back to your own Blue Team to DO the work of defending your network.