Twitter GitHub Linkedin

Search

⌃K

Links

About Cyb3rSn0rlax

🛡️ SOC Engineering

Building an Open SIEM From Scratch

1. Introduction to Elastic Stack

2. Installing OpenDistro for Elasticsearch Plugins

3. Installing ElastAlert

4. ELK Stack: "L" is for Lord of the Stack

5. Alerting in ELK

6. Building Detection Rules

7. Metrics Reports & Dashboards

A Primer to Detection Engineering Dimensions in a SOC Universe

😺

GitHub Projects

Automating ELK Health Check

💾

DFIR

DFIR-02 : Journal Forensics

DFIR-03: RDP Authentication Artifacts

☢️ DEATH : Detection Engineering And Threat Hunting

TA0006 : Credential Access

TA0008 : Lateral Movement

🔎

Misc

Infosec Game-Sense

Powered By GitBook

5. Alerting in ELK

In progress...

c- Event Normalization with ECS

6. Building Detection Rules

Last modified 1yr ago

Copy link