How To Use The Elastic Stack as a SIEM - John Hubbard

John Hubbard
A talk I gave at the Philly Security Shell meetup 2019-02-21 on how the Elastic Stack works and how you can use it for indexing and searching security logs.

Tools I mentioned:
GitHub repo with script and demo data - https://github.com/SecHubb/SecShell_Demo
Cerebro - https://github.com/lmenezes/cerebro
Elastalert - https://github.com/Yelp/elastalert
===
For info on my SANS teaching schedule visit: https://www.sans.org/instructors/john...
Twitter: SecHubb
My SANS Courses:
- SEC450 - Blue Team Fundamentals: https://sans.org/sec450
- MGT551 - Building and Leading Security Operations Centers: https://sans.org/mgt551

Blueprint Podcast: https://sans.org/blueprint-podcast
Published 6 years ago, on 1397/12/03.
Viewed 54,038 times.