OS Analysis with OSSEC
Offered By: Pluralsight
Course Description
Overview
OSSEC is an opensource Host Intrusion Detection System (HIDS). In this course, you will learn OS Analysis using OSSEC.
Cyber criminals often use native tools and functions of an operating system in order to perpetrate their attacks. In this course, OS Analysis with OSSEC 3, you’ll learn how to utilize OSSEC to detect authentication bypass and persistence techniques in an enterprise environment. First, you’ll learn how to detect rogue user account creation. Next, you’ll discover how accessibility features can be used for authentication bypass. Finally, you’ll analyze OSSEC logs to identify persistence using Windows scheduled tasks. When you’re finished with this course, you’ll have the skills and knowledge to detect these techniques: Create Account: Local Account T1136.001, Event Triggered Execution: Accessibility Features T1546.008, Schedule Task/Job: Scheduled Task T1053.005 using OSSEC.
Cyber criminals often use native tools and functions of an operating system in order to perpetrate their attacks. In this course, OS Analysis with OSSEC 3, you’ll learn how to utilize OSSEC to detect authentication bypass and persistence techniques in an enterprise environment. First, you’ll learn how to detect rogue user account creation. Next, you’ll discover how accessibility features can be used for authentication bypass. Finally, you’ll analyze OSSEC logs to identify persistence using Windows scheduled tasks. When you’re finished with this course, you’ll have the skills and knowledge to detect these techniques: Create Account: Local Account T1136.001, Event Triggered Execution: Accessibility Features T1546.008, Schedule Task/Job: Scheduled Task T1053.005 using OSSEC.
Syllabus
- Course Overview 1min
- Monitor OS Activity with OSSEC 22mins
- Resources 1min
Taught by
Michael Edie
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network