SAINTCON 2019 - Daniel Dayley - Building your first SIEM with the Elastic Stack

preview_player
Показать описание
Correctly implemented, a Security Information and Event Manager (SIEM) is one of the best tools a blue team has in defending a network. This presentation covers introductory topics about SIEMs including what they are, why you need one, and the considerations that one must take in building one. We will discuss the types of events that a SIEM can detect We will discuss the core technologies involved and demonstrate the setup of a SIEM with ElasticSearch, Logstash, Kibana, RabbitMQ, ElastAlert, and Zeek.
  1. SAINTCON
Рекомендации по теме
SAINTCON 2019 - 0:29:35

SAINTCON 2019 - Daniel Dayley - Building your first SIEM with the Elastic Stack

SAINTCON 2019 - 0:43:06

SAINTCON 2019 - Dallin Warne - Is Network Monitoring Dead in the Age of Encryption?

SAINTCON 2019 - 0:41:55

SAINTCON 2019 - Keynote Session - Russ Rogers - 'The Future of Hacking Big Data'

SAINTCON 2019 - 0:47:32

SAINTCON 2019 - Jason Gale - NFC & RFID Bio-Implants: For Fun and Profit

SAINTCON 2019 - 0:44:01

SAINTCON 2019 - Josh Galvez - Hacker's Challenge Wrap-up

Tracking your Infrastructure 0:43:30

Tracking your Infrastructure Logs & Metrics in the Elastic Stack ELK Stack

SAINTCON 2018 - 0:24:46

SAINTCON 2018 - Alan Jex - Are Security Certifications Worth the Effort?

Top Cybersecurity Threats 0:58:02

Top Cybersecurity Threats and How SIEM Protects Against Them

Webinar: Using MITRE 0:59:54

Webinar: Using MITRE ATT&CK(TM) for Coverage and Effectiveness Assessments

05 Hands 0:03:34

05 Hands on with the Elastic SIEM

Kibana dashboard for 0:03:08

Kibana dashboard for valuable information on real estate

Testing Honeypot with 0:07:06

Testing Honeypot with NMAP and Visualization Log using ELK Stack

eSentire - Building 0:24:26

eSentire - Building a Next Gen SIEM

How To Better 0:21:55

How To Better Integrate Continuous Improvement Into Security Monitoring - Desiree Sacher

Applying Threat Intelligence 0:32:30

Applying Threat Intelligence for Cyber Resilience

Health Check Framework 0:05:26

Health Check Framework for QRadar at a Glance: User Guide

Meeting 75: MITRE 1:04:33

Meeting 75: MITRE Framework, pt. 2

Elasticsearch Kibana - 0:16:52

Elasticsearch Kibana - Cybersecurity - firewall monitoring

SAINTCON 2021 Keynote 0:41:36

SAINTCON 2021 Keynote - James Pope

Monitoring the COVID-19 0:44:44

Monitoring the COVID-19 Outbreak Using the Elastic Stack - Mar 20, 2020 Elastic Meetup

Третий день онлайн 1:21:24

Третий день онлайн тренинга

ELK Stack SIEM 0:10:22

ELK Stack SIEM and Palo Alto Networks Next-Generation Firewall

WICS:115 SUESSA: Sustainable 0:18:20

WICS:115 SUESSA: Sustainable & Ultra-Elastic Stack Security Architecture for Securing IoT Networ...

Kamailio World 2015 0:22:32

Kamailio World 2015 - Tudor Golubenco - Performance Management with Packetbeat

Комментарии
Автор

New world record in speed demoing. And very good.

aboringfart
Автор

do we have any resource for the commands given here?

chiragbablani