How To Use The Elastic Stack as a SIEM - John Hubbard
A talk I gave at the Philly Security Shell meetup 2019-02-21 on how the Elastic Stack works and how you can use it for indexing and searching security logs.
Tools I mentioned:
Github repo with script and demo data - https://github.com/SecHubb/SecShell_Demo
Cerebro - https://github.com/lmenezes/cerebro
Elastalert - https://github.com/Yelp/elastalert
===
For info on my SANS teaching schedule visit: https://www.sans.org/instructors/john-hubbard
Twitter: https://twitter.com/SecHubb
My SANS Courses:
- SEC450 - Blue Team Fundamentals: https://sans.org/sec450
- MGT551 - Building and Leading Security Operations Centers: https://sans.org/mgt551
Blueprint Podcast: https://sans.org/blueprint-podcast
Twitter: https://twitter.com/SecHubb
Video "How To Use The Elastic Stack as a SIEM - John Hubbard" from the John Hubbard channel