YoVDO

Arming Small Security Programs - Network Baseline - Matt Domko

Offered By: YouTube

Tags

Conference Talks Courses
Network Security Courses
GitHub Courses
Security Onion Courses
Malware Detection Courses
Elastic Stack Courses

Course Description

Overview

Explore network baseline techniques for enhancing small security programs in this NolaCon 2017 conference talk. Delve into malware detection, heuristic detection, application whitelisting, and logging strategies. Learn to leverage Bro logs, implement Elasticsearch, and create baseline reports. Discover how to collect traffic, set up alerts, and automate baseline processes. Gain insights into Security Onion's GUI and practical use cases. Access valuable resources on GitHub to strengthen your organization's network security posture.

Syllabus

Intro
Stolen Slideshow Template
Why am I here
Goal
Malware Detection
Heuristic Detection
Application Whitelisting
Logging
Network Activity
Bro Logs
Bro Log Formatting
Cheat Sheet
Elastics
MyPorts
Events
Print
New Connection
Baseline Report
Manual Baseline
Parse Log
Network Overview
Subnet Mask
Modify Baseline Report
Collect Traffic
Alerts
Logs
Custom Date
Create Separate Files
Parse Logs
Auto Baseline
Run Forward Script
Restart
Security Onion
Use Cases
GUI
Github
Related Courses

Processing and Visualizing Logs With Elastic Stack
Coursera Project Network via Coursera
Secure Your Code - Injections and Logging
Pluralsight
Deploying Network Configuration Management and Telemetry Solutions
Pluralsight
Installing the Elastic Stack
Pluralsight
Beginner's Crash Course to Elasticsearch and Kibana
YouTube