Analyze Network Event Activity Data with Elasticsearch
Offered By: Pluralsight
Course Description
Overview
As our infrastructures grow, the quality of our data from these devices is becoming critical to cyber operations. This course will teach you how to ingest and use network event and telemetry data for threat hunting operations.
In today’s cybersecurity landscape, threats are everywhere. Our telemetry and network event data quality is important to detecting, responding to, and mitigating those threats. Elasticsearch can help ease the burden of sifting through the large amounts of data that we collect. In this course, Analyze Network Event Activity Data with Elasticsearch, you’ll learn to ingest network event and telemetry data, and use it to find threats. First, you’ll explore how to ingest security device logs and Netflow, and use it to find potential threats. Next, you’ll discover how to use application data to detect anomalies and interesting behavior. Finally, you’ll learn how to correlate the data between the various sources to identify threats. When you’re finished with this course, you’ll have the skills and knowledge of Elasticsearch needed to effectively use the data being collected for cyber operations.
In today’s cybersecurity landscape, threats are everywhere. Our telemetry and network event data quality is important to detecting, responding to, and mitigating those threats. Elasticsearch can help ease the burden of sifting through the large amounts of data that we collect. In this course, Analyze Network Event Activity Data with Elasticsearch, you’ll learn to ingest network event and telemetry data, and use it to find threats. First, you’ll explore how to ingest security device logs and Netflow, and use it to find potential threats. Next, you’ll discover how to use application data to detect anomalies and interesting behavior. Finally, you’ll learn how to correlate the data between the various sources to identify threats. When you’re finished with this course, you’ll have the skills and knowledge of Elasticsearch needed to effectively use the data being collected for cyber operations.
Syllabus
- Course Overview 2mins
- Exploring Network Telemetry and Event Data 26mins
- Analyzing Netflow with Elasticsearch 35mins
- Using IDS Events for Threat Detection 31mins
- Using Network Application Data for Anomaly Detection 27mins
- Correlating Network Telemetry for Threat Detection 29mins
Taught by
Joe Abraham
Related Courses
Deep Dive into Amazon GlacierAmazon via Independent Preparing for your Professional Data Engineer Journey
Google Cloud via Coursera Building Resilient Streaming Systems on Google Cloud Platform en Français
Google Cloud via Coursera IBM AI Enterprise Workflow
IBM via Coursera Introduction to Designing Data Lakes on AWS
Amazon Web Services via edX