ELK-Hunting
ELK-Hunting copied to clipboard

PolitoInc

→

Metadata

Threat Hunting with ELK Workshop (InfoSecWorld 2017)

Readme
Issues

ELK-Hunting

Threat Hunting with ELK Workshop (InfoSecWorld 2017 and TBD)

Slides

Contact us if you would like a copy.

Download ELK VM

Contact us if you would like a copy. Alternatively, simply install the ELK stack in a Linux distro of your choice (bare metal or VM).

Sysmon

https://technet.microsoft.com/en-us/sysinternals/sysmon
https://www.rsaconference.com/events/us17/agenda/sessions/7516-How-to-Go-from-Responding-to-Hunting-with-Sysinternals-Sysmon

Credits

Sample data from:

http://rabidio.com/
http://www.secrepo.com/
http://www.malware-traffic-analysis.net/

About

Threat Hunting with ELK Workshop (InfoSecWorld 2017)

elasticsearch

elk

kibana

logstash

threat-hunting

elastic

filebeat

elk-stack

nsm

winlogbeat

64

Stars

17

Forks

Watchers

Owner

PolitoInc

← Metadata

64

Stars

17

Forks

Watchers

Owner

PolitoInc

Metadata

Threat Hunting with ELK Workshop (InfoSecWorld 2017)

Back

ELK-Hunting ELK-Hunting copied to clipboard

Metadata

ELK-Hunting

Slides

Download ELK VM

Sysmon

Credits

← Metadata

Owner

Metadata

ELK-Hunting
ELK-Hunting copied to clipboard