How To Use The Elastic Stack as a SIEM - John Hubbard
A talk I gave at the Philly Security Shell meetup 2019-02-21 on how the Elastic Stack works and how you can use it for indexing and searching security logs.
Tools I mentioned:
Github repo with script and demo data - https://github.com/SecHubb/SecShell_Demo
Cerebro - https://github.com/lmenezes/cerebro
Elastalert - https://github.com/Yelp/elastalert
===
For info on my SANS teaching schedule visit: https://www.sans.org/instructors/john-hubbard
Twitter: https://twitter.com/SecHubb
My SANS Courses:
- SEC450 - Blue Team Fundamentals: https://sans.org/sec450
- MGT551 - Building and Leading Security Operations Centers: https://sans.org/mgt551
Blueprint Podcast: https://sans.org/blueprint-podcast
Twitter: https://twitter.com/SecHubb
Видео How To Use The Elastic Stack as a SIEM - John Hubbard канала John Hubbard
Tools I mentioned:
Github repo with script and demo data - https://github.com/SecHubb/SecShell_Demo
Cerebro - https://github.com/lmenezes/cerebro
Elastalert - https://github.com/Yelp/elastalert
===
For info on my SANS teaching schedule visit: https://www.sans.org/instructors/john-hubbard
Twitter: https://twitter.com/SecHubb
My SANS Courses:
- SEC450 - Blue Team Fundamentals: https://sans.org/sec450
- MGT551 - Building and Leading Security Operations Centers: https://sans.org/mgt551
Blueprint Podcast: https://sans.org/blueprint-podcast
Twitter: https://twitter.com/SecHubb
Видео How To Use The Elastic Stack as a SIEM - John Hubbard канала John Hubbard
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![[CENTOS] - Stack ELK per centralizzare i log con Kibana, elasticsearch e logstash](https://i.ytimg.com/vi/xwMwPEE9Aqc/default.jpg)
[CENTOS] - Stack ELK per centralizzare i log con Kibana, elasticsearch e logstash
Why Use Open Stack For Developers & Business Solutions | vSphere
Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework
Building Security Dashboards on ELK Stack/Elasticsearch to supercharge your SIEM
Overview of the Elastic Stack (formerly ELK stack)
A Journey of Elastic SIEM: Getting Started through Threat Analysis Part 1
The Super 701 - Jon's Zenith Aircraft | STOL Bush Plane
Livestream with Elastic CEO, Shay Banon SIEM + Endpoint Security
SAINTCON 2019 - Daniel Dayley - Building your first SIEM with the Elastic Stack
SOF ELK® A Free, Scalable Analysis Platform for Forensic, Incident Response, and Security Operation
Common Elastic Stack & Elasticsearch Architectures
12 Days of Defense - Day 1: PDF and Office Doc Malware IOC Extraction
Cyber Threat Intelligence Explained and How Install MISP Threat Intelligence Platform with Docker
Elastic Stack Tutorial | Create a Free SIEM Tool with Elasticsearch, Auditbeat, & Kibana | Part 1
Using Elasticsearch & Kibana for Security Analytics to Fight the Dark Army on Mr. Robot
SOAR vs SIEM Webinar
12 Days of Defense - Day 12: Should I Get A SOC/Cyber Defense Job?
How I learned to code (as a software engineer) using project-based learning.
Elasticsearch in an Hour
What Is ELK Stack | ELK Tutorial For Beginners | Elasticsearch Kibana | ELK Stack Training | Edureka