CYB3RSN0RLAX
Twitter
GitHub
Linkedin
Search
⌃K
Links
About Cyb3rSn0rlax
🛡️ SOC Engineering
🧞
Building an Open SIEM From Scratch
1. Introduction to Elastic Stack
2. Installing OpenDistro for Elasticsearch Plugins
3. Installing ElastAlert
4. ELK Stack: "L" is for Lord of the Stack
5. Alerting in ELK
6. Building Detection Rules
7. Metrics Reports & Dashboards
🛡
A Primer to Detection Engineering Dimensions in a SOC Universe
😺
GitHub Projects
ELK4QRadar
Automating ELK Health Check
💾
DFIR
DFIR-01 : $MFT
DFIR-02 : Journal Forensics
DFIR-03: RDP Authentication Artifacts
☢️ DEATH : Detection Engineering And Threat Hunting
🔑
TA0006 : Credential Access
🦘
TA0008 : Lateral Movement
🔎
Misc
Infosec Game-Sense
Powered By
GitBook
5. Alerting in ELK
In progress...
Previous
c- Event Normalization with ECS
Next
6. Building Detection Rules
Last modified
1yr ago