Finding SolarWinds / SUNBURST backdoors with Zeek, Suricata, & Corelight
Watch this webcast to discover how to:
- Query Zeek logs in a SIEM to hunt for Sunburst IOCs
- Run community Suricata and Sigma rules for detections
- Investigate DNS and HTTP traffic for evidence of SolarWinds Orion compromise
Link to presentation: https://www3.corelight.com/corelight-presentation-find-solarwinds-sunburst-backdoors-zeek-suricata
Link to IOC spreadsheet: https://solarigate.training.corelight.io/
Video "Finding SolarWinds / SUNBURST backdoors with Zeek, Suricata, & Corelight" from the Corelight, Inc channel